搜索

[27712] 2019-11-08_从RainbowBridge看Js与Java交互中的安全漏洞

文档创建者:s7ckTeam
浏览次数:40
最后更新:2025-01-19
2019-11-08_从RainbowBridge看Js与Java交互中的安全漏洞 R a i n b o w B r i d g e J s J a v a   Z e r y   O P P O   2 0 1 9 - 1 1 - 0 8 #     , 1 8 #   , 1 0 O P P O Z e r y 稿 广 稿 O S R C 稿 ~ ~ 广 m a r k d o w n 稿 H y b r i d A P P 使 J s J a v a A n d r o i d   4 . 2 w e b v i e w J s j a v a a d d j a v a s c r i p t I n t e r f a c e A n d r o i d @ J a v a s c r i p t I n t e r f a c e j s R a i n b o w B r i d g e R a i n b o w B r i d g e R a i n b o w B r i d g e R a i n b o w B r i d g e J s B r i d g e d e m o R a i n b o w B r i d g e A P P w e b v i e w h t m l J s R a i n b o w B r i d g e . c a l l M e t h o d t o k e n T o k e n J a v a J s J a v a R a i n b o w B r i d g e . j s c a l l M e t h o d c a l l M e t h o d P r i v a t e M e t h o d . c a l l N a t i v e M e t h o d ( c l a z z ,   p o r t ,   m e t h o d ,   p a r a m ) c a l l N a t i v e M e t h o d < b u t t o n   o n c l i c k   =   " R a i n b o w B r i d g e . c a l l M e t h o d ( ' J s I n v o k e J a v a S c o p e ' ,   ' g e t T o k e n ' , { } , f u n c t i o n ( m s g ) { a l e r t ( J S O N . s t r i n g i f y ( m s g . d a t a . t o k e n ) ) } ) ; " > T o k e n < / b u t t o n >
c a l l N a t i v e M e t h o d c l a z z p o r t m e t h o d j s o n S t r u r i J S _ B R I D G E _ P R O T O C O L _ S C H E M A " r a i n b o w " u r i :   " r a i n b o w : / /   J s I n v o k e J a v a S c o p e : < p o r t > / g e t T o k e n ? " u r i m e s s a g e w i n . p r o m p t ( ) A n d r o i d   W e b V i e w w i n . p r o m p t ( ) A n d r o i d W e b C h r o m e C l i e n t o n J s P r o m p t ( ) J s J a v a o n J s P r o m p t ( ) o n C r e a t e ( ) W e b C h r o m e C l i e n t J S B r i d g e W e b C h r o m e C l i e n t ( ) : J S B r i d g e W e b C h r o m e C l i e n t o n J s P r o m p t ( ) J s C a l l J a v a . n e w I n s t a n c e ( ) . c a l l ( ) m e s s a g e   a r g 3 J s C a l l J a v a . n e w I n s t a n c e ( ) . c a l l ( ) J s C a l l J a v a t h i s .   p a r s e M e s s a g e ( S t r i n g ) t h i s .   i n v o k e N a t i v e M e t h o d ( W e b V i e w ) t h i s . p a r s e M e s s a g e ( S t r i n g ) J s m e s s a g e u r i t h i s .   m C l a s s N a m e t h i s .   m M e t h o d N a m e t h i s .   m P o r t t h i s .   m P a r a m s
t h i s . p a r s e M e s s a g e ( S t r i n g ) t h i s . i n v o k e N a t i v e M e t h o d ( W e b V i e w ) N a t i v e M e t h o d I n j e c t H e l p e r . f i n d M e t h o d ( ) t h i s . m C l a s s N a m e t h i s . m M e t h o d N a m e t h i s . m P a r a m s J s C a l l b a c k O b j e c t J s C a l l b a c k 使 M e t h o d . i n v o k e J s J a v a J a v a J s J s s J s J a v a J s I n v o k e J a v a S c o p e g e t T o k e n ( )
t o k e n i m s i j s o n J s C a l l b a c k . i n v o k e J s C a l l b a c k ( ) , J s C a l l b a c k . i n v o k e J s C a l l b a c k   ( ) c a l l ( ) : c a l l ( )
c a l l ( ) J s J a v a ( g e t T o k e n ) J s l o a d U r l J s a r g 1 0 g e t T o k e n ( ) j s o n g e t T o k e n o k J a v a l o a d U r l J s R a i n b o w B r i d g e . o n C o m p l e t e J s R a i n b o w B r i d g e . c a l l M e t h o d J s J a v a c a l l M e t h o d ( ) c a l l B a c k ( ) " j a v a s c r i p t : R a i n b o w B r i d g e . o n C o m p l e t e ( < p o r t > , { s t a t u s :   { c o d e :   0 , m s g :   ' ' } , d a t a :   { < a r g 1 0 > } } ) ; "
R a i n b o w B r i d g e W e b C h r o m e C l i e n t o n J s P r o m p t ( ) J s J a v a J a v a w i n d o w . p r o m p t ( ) J a v a o n J s P r o m p t ( ) i n v o k e 使 l o a d U r l ( ) J s
J s J a v a J s J a v a J a v a f i n d M e t h o d ( ) f i n d M e t h o d ( ) t h i s . m A r r a y M a p M a p
t h i s . m A r r a y M a p p u t M e t h o d ( ) p u t M e t h o d ( ) p a r s e M e s s a g e ( ) t h i s . m A r r a y M a p t h i s . m A r r a y M a p M e t h o d
a . P u b l i c   S t a t i c b . W e b V i e w ,   J S O N O b j e c t ,   J s C a l l B a c k M a p J s p u t M e t h o d ( ) p u t M e t h o d ( ) i n j e c t ( ) p u t M e t h o d ( ) t h i s . m I n j e c t C l a s s e s t h i s . m I n j e c t C l a s s e s c l a z z ( ) c l a z z ( ) o n C r e a t e ( ) w e b v i e w J s J s B r i d g e . c l a z z P u b l i c   S t a t i c W e b V i e w ,   J S O N O b j e c t , J s C a l l B a c k R a i n b o w B r i d g e J s J a v a J s J a v a J s w e b v i e w J s J a v a J s R a i n b o w B r i d g e J s J a v a J s
d e m o o n J s P r o m p t ( ) c h e c k W h i t e L i s t ( ) u r l J a v a R a i n b o w B r i d g e J s J a v a J s R a i n b o w B r i d g e d e m o w e b v i e w h t m l h t m l J s J a v a M a i n A c t i v i t y s c h e m e M a i n A c t i v i t y s c h e m e u r l u r l w e b v i e w
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理