帆软channel接口反序列化漏洞分析

语言: CN / TW / HK

1.漏洞信息

近日,监测到帆软官方网站上爆出一则channel接口反序列化漏洞

https://help.fanruan.com/finereport/doc-view-4833.html

该接口接受序列化数据并对其进行反序列化。配合帆软内置CB链导致任意代码执行。该漏洞在 FineBI V5.1.10 测试下通过, V5.1.18 测试下未通过。原因是高版本的帆软采用了反序列化黑名单机制。

2.漏洞环境搭建

官网下载即可 : https://www.finebi.com/product/download

3.漏洞分析

首先需要定位漏洞路由 webroot/decision/remote/design/channel

查看日志。可以查看所有装载的路由

很容易就能定位到类名

全局搜一下。定位到 FineBI5.1\webapps\webroot\WEB-INF\lib\fine-decision-report-10.0.jar

这里会读入post进来的数据,然后传递给

WorkContext.handleMessage(var3)

我们跟进

继续跟进 handleMessage
到这里会进入 deserializeInvocation

到这里会传入两个参数给 SerializerHelper.deserialize
InvocationSerializer 来包装了 GZipSerializerWrapper 类。这个待会构造的时候会用到。

继续跟进 SerializerHelper.deserialize
这里比较普通,把传入的序列化字符进行 deserialize

此时的var1是我们刚才传入的 GZipSerializerWrapper 类。

进入到 GZipSerializerWrapperdeserialize 函数。这里对inputstream用 GZIPInputStream 进行了一次包装。然后使用了 this.serializer 进行一次反序列化。

刚才我们所说用 InvocationSerializer 来包装了 GZipSerializerWrapper 类。

根据这两张图,我们知道这里的 this.serializer 现在的值是 InvocationSerializer 。因此这里调用的是 InvocationSerializerdeserialize 函数。因此继续跟进。

到这里就是真正的反序列化的地方了,这里对inputstream又进行了 CustomObjectInputStream 的包装。在以后的漏洞修复版本中,对反序列化的黑名单也是写在 CustomObjectInputStream 的类加载器里的。

最后对序列化对象进行了 Map var4 = (Map)var2.readObject(); 造成了反序列化漏洞。

4.漏洞利用

刚才我们分析了漏洞的流程。现在我们来思考一下如何编写恶意的序列化字符。

根据刚才所说,我们传入的 inputstream 要进行两次包装。

这里我们有几种选择,CB链或者c3p0链都可以打。因为c3p0需要加载远程字节码。比较麻烦,所以这里考虑使用CB链来执行任意代码。

EXP已删除

这里构造出exp。

运行CB.java得到base64字符串。对其进行加密并post提交。

简单写个脚本

import base64

import requests

burp0_url = "http://127.0.0.1:37799/webroot/decision/remote/design/channel"

burp0_headers = {"Content-Type": "application/x-www-form-urlencoded"}

proxies={

    "https":"http://127.0.0.1:8080"

}

b = b"******"

burp0_data = base64.b64decode(b)

res = requests.post(burp0_url, headers=burp0_headers, data=burp0_data,proxies=proxies, verify=False)

print(res.text)

测试,发现成功RCE。

成功复现。

5.修复方式

刚才也提到了。新版本在反序列化的时候,在 CustomObjectInputStream 的类加载器中加了黑名单。这里新版用的是 FineBI V5.1.18 。中间版本暂未检测。

blacklist.txt

br.com.anteros.dbcp.AnterosDBCPConfig  
br.com.anteros.dbcp.AnterosDBCPDataSource  
bsh.Interpreter  
bsh.XThis  
ch.qos.logback.core.db.DriverManagerConnectionSource  
ch.qos.logback.core.db.JNDIConnectionSource  
clojure.inspector.proxy$javax.swing.table.AbstractTableModel$ff19274a  
clojure.lang.PersistentArrayMap  
com.alibaba.fastjson.TypeReference  
com.caucho.config.types.ResourceRef  
com.fr.third.apache.log4j.receivers.db.DriverManagerConnectionSource  
com.fr.third.apache.log4j.receivers.db.JNDIConnectionSource  
com.fr.third.net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup  
com.fr.third.net.sf.ehcache.transaction.manager.selector.GenericJndiSelector  
com.fr.third.net.sf.ehcache.transaction.manager.selector.GlassfishSelector  
com.fr.third.org.apache.commons.beanutils.BeanComparator  
com.fr.third.org.apache.commons.codec.binary.Base64  
com.fr.third.org.apache.commons.collections.comparators.TransformingComparator  
com.fr.third.org.apache.commons.collections.functors.ChainedTransformer  
com.fr.third.org.apache.commons.collections.functors.ConstantTransformer  
com.fr.third.org.apache.commons.collections.functors.InstantiateTransformer  
com.fr.third.org.apache.commons.collections.functors.InvokerTransformer  
com.fr.third.org.apache.commons.collections.functors.MapTransformer  
com.fr.third.org.apache.commons.collections.keyvalue.TiedMapEntry  
com.fr.third.org.apache.commons.collections.map.LazyMap  
com.fr.third.org.apache.commons.collections.Transformer  
com.fr.third.org.apache.commons.collections4.comparators.TransformingComparator  
com.fr.third.org.apache.commons.collections4.functors.ChainedTransformer  
com.fr.third.org.apache.commons.collections4.functors.ConstantTransformer  
com.fr.third.org.apache.commons.collections4.functors.InstantiateTransformer  
com.fr.third.org.apache.commons.collections4.functors.InvokerTransformer  
com.fr.third.org.apache.commons.collections4.functors.MapTransformer  
com.fr.third.org.apache.commons.collections4.keyvalue.TiedMapEntry  
com.fr.third.org.apache.commons.collections4.map.LazyMap  
com.fr.third.org.apache.commons.collections4.Transformer  
com.fr.third.org.apache.commons.fileupload.disk.DiskFileItem  
com.fr.third.org.apache.commons.io.FileUtils  
com.fr.third.org.apache.commons.io.output.DeferredFileOutputStream  
com.fr.third.org.apache.commons.io.output.ThresholdingOutputStream  
com.fr.third.org.hibernate.engine.spi.TypedValue  
com.fr.third.org.hibernate.engine.spi.TypedValue$1  
com.fr.third.org.hibernate.engine.TypedValue  
com.fr.third.org.hibernate.EntityMode  
com.fr.third.org.hibernate.jmx.StatisticsService  
com.fr.third.org.hibernate.property.access.spi.Getter  
com.fr.third.org.hibernate.property.access.spi.GetterMethodImpl  
com.fr.third.org.hibernate.property.BasicPropertyAccessor$BasicGetter  
com.fr.third.org.hibernate.property.Getter  
com.fr.third.org.hibernate.tuple.component.AbstractComponentTuplizer  
com.fr.third.org.hibernate.tuple.component.PojoComponentTuplizer  
com.fr.third.org.hibernate.tuple.entity.EntityEntityModeToTuplizerMapping  
com.fr.third.org.hibernate.tuple.EntityModeToTuplizerMapping  
com.fr.third.org.hibernate.type.AbstractType  
com.fr.third.org.hibernate.type.ComponentType  
com.fr.third.org.hibernate.type.Type  
com.fr.third.org.apache.commons.collections.map.TransformedMap  
com.fr.third.org.apache.commons.collections4.map.TransformedMap  
com.fr.third.org.v2.apache.commons.collections4.map.TransformedMap  
com.fr.third.org.quartz.utils.JNDIConnectionProvider  
com.fr.third.org.reflections.Reflections  
com.fr.third.org.springframework.aop.config.MethodLocatingFactoryBean  
com.fr.third.org.springframework.aop.support.AbstractBeanFactoryPointcutAdvisor  
com.fr.third.org.springframework.beans.factory.config.BeanReferenceFactoryBean  
com.fr.third.org.springframework.beans.factory.config.PropertyPathFactoryBean  
com.fr.third.slf4j.ext.EventData  
com.fr.third.springframework.aop.framework.AdvisedSupport  
com.fr.third.springframework.aop.framework.JdkDynamicAopProxy  
com.fr.third.springframework.aop.target.SingletonTargetSource  
com.fr.third.springframework.aop.TargetSource  
com.fr.third.springframework.beans.factory.ObjectFactory  
com.fr.third.springframework.beans.factory.support.AutowireUtils$ObjectFactoryDelegatingInvocationHandler  
com.fr.third.springframework.core.SerializableTypeWrapper.$MethodInvokeTypeProvider  
com.fr.third.springframework.transaction.jta.JtaTransactionManager  
com.fr.third.springframework.web.servlet.handler.HandlerInterceptorAdapter  
com.fr.third.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping  
com.fr.third.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping  
com.fr.third.springframework.web.servlet.support.RequestContextUtils  
com.fr.third.sun.misc.BASE64Decoder  
com.fr.third.sun.misc.BASE64Encoder  
com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig  
com.mchange.v2.c3p0.ComboPooledDataSource  
com.mchange.v2.c3p0.debug.AfterCloseLoggingComboPooledDataSource  
com.mchange.v2.c3p0.impl.PoolBackedDataSourceBase  
com.mchange.v2.c3p0.JndiRefForwardingDataSource  
com.mchange.v2.c3p0.PoolBackedDataSource  
com.mysql.cj.jdbc.admin.MiniAdmin  
com.mysql.cj.jdbc.MysqlConnectionPoolDataSource  
com.mysql.cj.jdbc.MysqlXADataSource  
com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource  
com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource  
com.nqadmin.rowset.JdbcRowSetImpl  
com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool  
com.p6spy.engine.spy.P6DataSource  
com.pastdev.httpcomponents.configuration.JndiConfiguration  
com.sun.deploy.security.ruleset.DRSHelper  
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor  
com.sun.jmx.mbeanserver.JmxMBeanServer  
com.sun.jmx.mbeanserver.NamedObject  
com.sun.jmx.mbeanserver.Repository  
com.sun.org.apache.bcel.internal.util.ClassLoader  
com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool  
com.sun.org.apache.xalan.internal.xslt.ObjectFactory  
com.sun.org.apache.xalan.internal.xslt.Process  
com.sun.org.apache.xalan.internal.xsltc.DOM  
com.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet  
com.sun.org.apache.xalan.internal.xsltc.TransletException  
com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl  
com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl  
com.sun.org.apache.xml.internal.dtm.DTMAxisIterator  
com.sun.org.apache.xml.internal.serializer.SerializationHandler  
com.sun.rowset.JdbcRowSetImpl  
com.sun.syndication.feed.impl.ObjectBean  
com.vaadin.data.Property  
com.vaadin.data.util.NestedMethodProperty  
com.vaadin.data.util.PropertysetItem  
com.zaxxer.hikari.HikariConfig  
com.zaxxer.hikari.HikariDataSource  
flex.messaging.util.concurrent.AsynchBeansWorkManagerExecutor  
groovy.lang.Closure  
java.beans.EventHandler  
java.lang.reflect.Proxy  
java.net.Inet4Address  
java.net.Inet6Address  
java.net.InetAddress  
java.net.InetSocketAddress  
java.net.Socket  
java.net.URL  
java.net.URLStreamHandler  
java.rmi.registry.Registry  
java.rmi.RemoteObjectInvocationHandler  
java.rmi.server.ObjID  
java.rmi.server.RemoteObject  
java.rmi.server.RemoteRef  
java.rmi.server.UnicastRemoteObject  
java.util.Base64  
java.util.Comparator  
java.util.logging.FileHandler  
java.util.PriorityQueue  
javax.el.ELContext  
javax.faces.context.FacesContext  
javax.management.BadAttributeValueExpException  
javax.management.DynamicMBean  
javax.management.MBeanServer  
javax.management.MBeanServerInvocationHandler  
javax.management.ObjectName  
javax.management.openmbean.CompositeData  
javax.management.openmbean.CompositeDataInvocationHandler  
javax.management.openmbean.CompositeType  
javax.management.openmbean.OpenDataException  
javax.management.openmbean.OpenType  
javax.management.openmbean.SimpleType  
javax.management.openmbean.TabularDataSupport  
javax.management.openmbean.TabularType  
javax.net.SocketFactory  
javax.servlet.http.HttpSession  
javax.servlet.ServletContext  
javax.servlet.ServletRequestEvent  
javax.servlet.ServletRequestListener  
javax.swing.JEditorPane  
javax.swing.JTextPane  
javax.xml.transform.Templates  
jodd.db.connection.DataSourceConnectionProvider  
net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup  
net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup  
net.sf.ehcache.transaction.manager.selector.GenericJndiSelector  
net.sf.ehcache.transaction.manager.selector.GlassfishSelector  
net.sf.json.JSONObject  
oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS  
oadd.org.apache.commons.dbcp.datasources.PerUserPoolDataSource  
oadd.org.apache.commons.dbcp.datasources.SharedPoolDataSource  
oadd.org.apache.xalan.lib.sql.JNDIConnectionPool  
om.mchange.v2.c3p0.WrapperConnectionPoolDataSource  
om.sun.corba.se.spi.orbutil.proxy.CompositeInvocationHandlerImpl  
oracle.jdbc.connector.OracleManagedConnectionFactory  
oracle.jdbc.pool.OraclePooledConnection  
oracle.jdbc.rowset.OracleJDBCRowSet  
oracle.jms.AQjmsQueueConnectionFactory  
oracle.jms.AQjmsTopicConnectionFactory  
oracle.jms.AQjmsXAConnectionFactory  
oracle.jms.AQjmsXAQueueConnectionFactory  
oracle.jms.AQjmsXATopicConnectionFactory  
org..springframework.transaction.jta.JtaTransactionManager  
org.aoju.bus.proxy.provider.remoting.RmiProvider  
org.aoju.bus.proxy.provider.RmiProvider  
org.apache.activemq.ActiveMQConnectionFactory  
org.apache.activemq.ActiveMQXAConnectionFactory  
org.apache.activemq.jms.pool.JcaPooledConnectionFactory  
org.apache.activemq.jms.pool.XaPooledConnectionFactory  
org.apache.activemq.pool.JcaPooledConnectionFactory  
org.apache.activemq.pool.PooledConnectionFactory  
org.apache.activemq.pool.XaPooledConnectionFactory  
org.apache.activemq.spring.ActiveMQConnectionFactory  
org.apache.activemq.spring.ActiveMQXAConnectionFactory  
org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory  
org.apache.aries.transaction.jms.RecoverablePooledConnectionFactory  
org.apache.axis2.jaxws.spi.handler.HandlerResolverImpl  
org.apache.axis2.transport.jms.JMSOutTransportInfo  
org.apache.bcel.internal.util.ClassLoader  
org.apache.catalina.authenticator.AuthenticatorBase  
org.apache.catalina.connector.Request  
org.apache.catalina.connector.RequestFacade  
org.apache.catalina.connector.Response  
org.apache.catalina.core.ApplicationFilterConfig  
org.apache.catalina.core.ApplicationServletRegistration  
org.apache.catalina.core.StandardContext  
org.apache.catalina.core.StandardService  
org.apache.catalina.core.StandardWrapperValue.invoke  
org.apache.catalina.deploy.FilterDef  
org.apache.catalina.deploy.FilterMap  
org.apache.catalina.loader.ParallelWebappClassLoader  
org.apache.catalina.loader.WebappClassLoaderBase  
org.apache.click.control.Column  
org.apache.click.control.Column$ColumnComparator  
org.apache.click.control.Table  
org.apache.commons.beanutils.BeanComparator  
org.apache.commons.codec.binary.Base64  
org.apache.commons.collections.comparators.TransformingComparator  
org.apache.commons.collections.functors.ChainedTransformer  
org.apache.commons.collections.functors.ConstantTransformer  
org.apache.commons.collections.functors.InstantiateTransformer  
org.apache.commons.collections.functors.InvokerTransformer  
org.apache.commons.collections.functors.MapTransformer  
org.apache.commons.collections.keyvalue.TiedMapEntry  
org.apache.commons.collections.map.LazyMap  
org.apache.commons.collections.map.TransformedMap  
org.apache.commons.collections.Transformer  
org.apache.commons.collections4.comparators.TransformingComparator  
org.apache.commons.collections4.functors.ChainedTransformer  
org.apache.commons.collections4.functors.ConstantTransformer  
org.apache.commons.collections4.functors.InstantiateTransformer  
org.apache.commons.collections4.functors.InvokerTransformer  
org.apache.commons.collections4.functors.MapTransformer  
org.apache.commons.collections4.keyvalue.TiedMapEntry  
org.apache.commons.collections4.map.LazyMap  
org.apache.commons.collections4.map.TransformedMap  
org.apache.commons.collections4.Transformer  
org.apache.commons.configuration.JNDIConfiguration  
org.apache.commons.configuration2.JNDIConfiguration  
org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS  
org.apache.commons.dbcp.datasources.PerUserPoolDataSource  
org.apache.commons.dbcp.datasources.SharedPoolDataSource  
org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS  
org.apache.commons.dbcp2.datasources.PerUserPoolDataSource  
org.apache.commons.dbcp2.datasources.SharedPoolDataSource  
org.apache.commons.fileupload.disk.DiskFileItem  
org.apache.commons.io.FileUtils  
org.apache.commons.io.output.DeferredFileOutputStream  
org.apache.commons.io.output.ThresholdingOutputStream  
org.apache.commons.jelly.impl.Embedded  
org.apache.commons.proxy.provider.remoting.RmiProvider  
org.apache.coyote.AbstractProtocol;  
org.apache.coyote.ProtocolHandler  
org.apache.coyote.Request  
org.apache.coyote.Response  
org.apache.cxf.jaxrs.provider.XSLTJaxbProvider  
org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig  
org.apache.ibatis.datasource.jndi.JndiDataSourceFactory  
org.apache.ibatis.parsing.XPathParser  
org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory  
org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup  
org.apache.log4j.receivers.db.DriverManagerConnectionSource  
org.apache.log4j.receivers.db.JNDIConnectionSource  
org.apache.myfaces.context.servlet.FacesContextImpl  
org.apache.myfaces.context.servlet.FacesContextImplBase  
org.apache.myfaces.el.CompositeELResolver  
org.apache.myfaces.el.unified.FacesELContext  
org.apache.myfaces.view.facelets.el.ValueExpressionMethodExpression  
org.apache.openjpa.ee.JNDIManagedRuntime  
org.apache.openjpa.ee.RegistryManagedRuntime  
org.apache.openjpa.ee.WASRegistryManagedRuntime  
org.apache.shiro.codec.Base64  
org.apache.shiro.codec.CodecSupport  
org.apache.shiro.crypto.AesCipherService  
org.apache.shiro.io.DefaultSerializer  
org.apache.shiro.jndi.JndiObjectFactory  
org.apache.shiro.realm.jndi.JndiRealmFactory  
org.apache.shiro.util.ByteSource  
org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS  
org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource  
org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource  
org.apache.tomcat.dbcp.dbcp2.BasicDataSourc  
org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS  
org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource  
org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource  
org.apache.tomcat.util.buf.ByteChunk  
org.apache.tomcat.util.descriptor.web.FilterDef  
org.apache.tomcat.util.descriptor.web.FilterMap  
org.apache.tomcat.util.modeler.BaseModelMBean  
org.apache.tomcat.util.modeler.Registry  
org.apache.wicket.util.file.Files  
org.apache.wicket.util.io.DeferredFileOutputStream  
org.apache.wicket.util.io.ThresholdingOutputStream  
org.apache.wicket.util.upload.DiskFileItem  
org.apache.xalan.lib.sql.JNDIConnectionPool  
org.apache.xalan.xslt.ObjectFactory  
org.apache.xalan.xslt.Process  
org.apache.xalan.xsltc.DOM  
org.apache.xalan.xsltc.runtime.AbstractTranslet  
org.apache.xalan.xsltc.TransletException  
org.apache.xalan.xsltc.trax.TemplatesImpl  
org.apache.xalan.xsltc.trax.TransformerFactoryImpl  
org.apache.xbean.propertyeditor.JndiConverter  
org.apache.xml.dtm.DTMAxisIterator  
org.apache.xml.serializer.SerializationHandler  
org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl  
org.aspectj.weaver.tools.cache.SimpleCache$StoreableCachingMap  
org.codehaus.groovy.runtime.ConvertedClosure  
org.codehaus.groovy.runtime.MethodClosure  
org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool  
org.hibernate.engine.spi.TypedValue  
org.hibernate.engine.spi.TypedValue$1  
org.hibernate.engine.TypedValue  
org.hibernate.EntityMode  
org.hibernate.jmx.StatisticsService  
org.hibernate.property.access.spi.Getter  
org.hibernate.property.access.spi.GetterMethodImpl  
org.hibernate.property.BasicPropertyAccessor$BasicGetter  
org.hibernate.property.Getter  
org.hibernate.tuple.component.AbstractComponentTuplizer  
org.hibernate.tuple.component.PojoComponentTuplizer  
org.hibernate.tuple.entity.EntityEntityModeToTuplizerMapping  
org.hibernate.tuple.EntityModeToTuplizerMapping  
org.hibernate.type.AbstractType  
org.hibernate.type.ComponentType  
org.hibernate.type.Type  
org.jboss.interceptor.builder.InterceptionModelBuilder  
org.jboss.interceptor.builder.MethodReference  
org.jboss.interceptor.proxy.DefaultInvocationContextFactory  
org.jboss.interceptor.proxy.InterceptorMethodHandler  
org.jboss.interceptor.reader.ClassMetadataInterceptorReference  
org.jboss.interceptor.reader.DefaultMethodMetadata  
org.jboss.interceptor.reader.ReflectiveClassMetadata  
org.jboss.interceptor.reader.SimpleInterceptorMetadata  
org.jboss.interceptor.spi.context.InvocationContextFactory  
org.jboss.interceptor.spi.instance.InterceptorInstantiator  
org.jboss.interceptor.spi.metadata.ClassMetadata  
org.jboss.interceptor.spi.metadata.InterceptorReference  
org.jboss.interceptor.spi.metadata.MethodMetadata  
org.jboss.interceptor.spi.model.InterceptionModel  
org.jboss.interceptor.spi.model.InterceptionType  
org.jboss.remoting3.Channel  
org.jboss.remoting3.Connection  
org.jboss.remoting3.Endpoint  
org.jboss.remoting3.OpenListener  
org.jboss.remoting3.remote.HttpUpgradeConnectionProviderFactory  
org.jboss.remoting3.Remoting  
org.jboss.remoting3.spi.ConnectionHandler  
org.jboss.remoting3.spi.ConnectionHandlerContext  
org.jboss.remoting3.spi.ConnectionHandlerFactory  
org.jboss.util.propertyeditor.DocumentEditor  
org.jboss.weld.interceptor.builder.InterceptionModelBuilder  
org.jboss.weld.interceptor.builder.MethodReference  
org.jboss.weld.interceptor.proxy.DefaultInvocationContextFactory  
org.jboss.weld.interceptor.proxy.InterceptorMethodHandler  
org.jboss.weld.interceptor.reader.ClassMetadataInterceptorReference  
org.jboss.weld.interceptor.reader.DefaultMethodMetadata  
org.jboss.weld.interceptor.reader.ReflectiveClassMetadata  
org.jboss.weld.interceptor.reader.SimpleInterceptorMetadata  
org.jboss.weld.interceptor.spi.context.InvocationContextFactory  
org.jboss.weld.interceptor.spi.instance.InterceptorInstantiator  
org.jboss.weld.interceptor.spi.metadata.ClassMetadata  
org.jboss.weld.interceptor.spi.metadata.InterceptorReference  
org.jboss.weld.interceptor.spi.metadata.MethodMetadata  
org.jboss.weld.interceptor.spi.model.InterceptionModel  
org.jboss.weld.interceptor.spi.model.InterceptionType  
org.jdom.Document  
org.jdom.Element  
org.jdom.input.SAXBuilder  
org.jdom.transform.XSLTransformer  
org.jdom2.transform.XSLTransformer  
org.jsecurity.realm.jndi.JndiRealmFactory  
org.mozilla.javascript.Callable  
org.mozilla.javascript.ClassCache  
org.mozilla.javascript.Context  
org.mozilla.javascript.IdScriptableObject  
org.mozilla.javascript.MemberBox  
org.mozilla.javascript.NativeError  
org.mozilla.javascript.NativeJavaArray  
org.mozilla.javascript.NativeJavaMethod  
org.mozilla.javascript.NativeJavaObject  
org.mozilla.javascript.NativeObject  
org.mozilla.javascript.Scriptable  
org.mozilla.javascript.ScriptableObject  
org.mozilla.javascript.tools.shell.Environment  
org.python.core.PyBytecode  
org.python.core.PyFunction  
org.python.core.PyObject  
org.python.core.PyString  
org.python.core.PyStringMap  
org.quartz.utils.JNDIConnectionProvider  
org.reflections.Reflections  
org.slf4j.ext.EventData  
org.springframework.aop.config.MethodLocatingFactoryBean  
org.springframework.aop.framework.AdvisedSupport  
org.springframework.aop.framework.JdkDynamicAopProxy  
org.springframework.aop.support.AbstractBeanFactoryPointcutAdvisor  
org.springframework.aop.target.SingletonTargetSource  
org.springframework.aop.TargetSource  
org.springframework.beans.factory.config.BeanReferenceFactoryBean  
org.springframework.beans.factory.config.PropertyPathFactoryBean  
org.springframework.beans.factory.ObjectFactory  
org.springframework.beans.factory.support.AutowireUtils$ObjectFactoryDelegatingInvocationHandler  
org.springframework.core.SerializableTypeWrapper.$MethodInvokeTypeProvider  
org.springframework.web.servlet.handler.HandlerInterceptorAdapter  
org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping  
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping  
org.springframework.web.servlet.support.RequestContextUtils  
org.xnio.FutureResult  
org.xnio.IoFuture  
org.xnio.OptionMap  
org.xnio.Options  
org.xnio.Result  
org.xnio.ssl.JsseXnioSsl  
org.xnio.Xnio  
org.xnio.XnioWorker  
sun.misc.BASE64Decoder  
sun.misc.BASE64Encoder  
sun.reflect.annotation.AnnotationInvocationHandler  
sun.rmi.server.ActivationGroupImpl  
sun.rmi.server.UnicastRef  
sun.rmi.server.UnicastServerRef  
sun.rmi.transport.LiveRef  
sun.rmi.transport.tcp.TCPEndpoint