Examples with Database com.jsql.model.bean.database.Database used on opensource projects

Example 1 with Database

use of com.jsql.model.bean.database.Database in project jsql-injection by ron190.

the class AddDatabases method execute.

@Override
public void execute() {
    if (MediatorGui.treeDatabase() == null) {
        LOGGER.error("Unexpected unregistered MediatorGui.treeDatabase() in " + this.getClass());
    }
    // Tree model, update the tree (refresh, add node, etc)
    DefaultTreeModel treeModel = (DefaultTreeModel) MediatorGui.treeDatabase().getModel();
    // First node in tree
    DefaultMutableTreeNode root = (DefaultMutableTreeNode) treeModel.getRoot();
    // Loop into the list of databases
    for (Database database : this.databases) {
        // Create a node model with the database element
        AbstractNodeModel newTreeNodeModel = new NodeModelDatabase(database);
        // Create the node
        DefaultMutableTreeNode newNode = new DefaultMutableTreeNode(newTreeNodeModel);
        // Save the node
        MediatorGui.frame().getTreeNodeModels().put(database, newNode);
        // Add the node to the tree
        root.add(newNode);
    }
    // Refresh the tree
    treeModel.reload(root);
    // Open the root node
    MediatorGui.treeDatabase().expandPath(new TreePath(root.getPath()));
    MediatorGui.treeDatabase().setRootVisible(false);
}

Example 2 with Database

use of com.jsql.model.bean.database.Database in project jsql-injection by ron190.

the class NodeModelDatabase method runAction.

@Override
public void runAction() {
    final Database selectedDatabase = (Database) this.getElementDatabase();
    if (/*!this.isLoaded && */
    !this.isRunning()) {
        MediatorGui.frame().getTreeNodeModels().get(this.getElementDatabase()).removeAllChildren();
        DefaultTreeModel treeModel = (DefaultTreeModel) MediatorGui.treeDatabase().getModel();
        treeModel.reload(MediatorGui.frame().getTreeNodeModels().get(this.getElementDatabase()));
        new SwingWorker<Object, Object>() {

            @Override
            protected Object doInBackground() throws Exception {
                Thread.currentThread().setName("SwingWorkerNodeModelDatabase");
                return DataAccess.listTables(selectedDatabase);
            }
        }.execute();
        this.setRunning(true);
    }
}

Example 3 with Database

use of com.jsql.model.bean.database.Database in project jsql-injection by ron190.

the class AbstractTestSuite method listDatabases.

@Test
public void listDatabases() throws JSqlException {
    Set<Object> set1 = new HashSet<>();
    Set<Object> set2 = new HashSet<>();
    try {
        List<Database> dbs = DataAccess.listDatabases();
        List<String> databasesFound = new ArrayList<>();
        for (Database d : dbs) {
            databasesFound.add(d.toString());
        }
        set1.addAll(databasesFound);
        set2.addAll(this.databaseToFind);
        LOGGER.info("ListDatabases: found " + set1 + "\nto find " + set2 + "\n");
        Assert.assertTrue(!set1.isEmpty() && !set2.isEmpty() && set1.containsAll(set2));
    } catch (AssertionError e) {
        Set<Object> tmp = new TreeSet<>();
        for (Object x : set1) {
            if (!set2.contains(x)) {
                tmp.add(x);
            }
        }
        for (Object x : set2) {
            if (!set1.contains(x)) {
                tmp.add(x);
            }
        }
        throw new AssertionError("Error listDatabases: " + tmp + "\n" + e);
    }
}

Example 4 with Database

use of com.jsql.model.bean.database.Database in project jsql-injection by ron190.

the class DataAccess method listValues.

/**
 * Get table values and count each occurrences and send them to the view.<br>
 * Values are on clear text (not hexa) and follows this window pattern<br>
 * => hh[value 1]jj[count]hhgghh[value 2]jj[count]hhggh...hi<br>
 * Data window can be cut before the end of the request but the process helps to obtain
 * the rest of the unreachable data. The process can be interrupted by the user (stop/pause).
 * @param columns choosed by the user
 * @return a 2x2 table containing values by columns
 * @throws JSqlException when injection failure or stopped by user
 */
public static String[][] listValues(List<Column> columns) throws JSqlException {
    Database database = (Database) columns.get(0).getParent().getParent();
    Table table = (Table) columns.get(0).getParent();
    int rowCount = columns.get(0).getParent().getChildCount();
    // Inform the view that table has just been used
    Request request = new Request();
    request.setMessage(Interaction.START_PROGRESS);
    request.setParameters(table);
    MediatorModel.model().sendToViews(request);
    // Build an array of column names
    List<String> columnsName = new ArrayList<>();
    for (AbstractElementDatabase e : columns) {
        columnsName.add(e.toString());
    }
    /*
         * From that array, build the SQL fields nicely
         * =>  col1{%}col2...
         * ==> trim(ifnull(`col1`,0x00)),0x7f,trim(ifnull(`Col2`,0x00))...
         */
    String[] arrayColumns = columnsName.toArray(new String[columnsName.size()]);
    String resultToParse = "";
    try {
        String[] pageSource = { "" };
        resultToParse = new SuspendableGetRows().run(MediatorModel.model().getVendor().instance().sqlRows(arrayColumns, database, table), pageSource, true, rowCount, table);
    } catch (SlidingException e) {
        LOGGER.warn(e.getMessage(), e);
        // Get pieces of data already retreived instead of losing them
        if (!"".equals(e.getSlidingWindowAllRows())) {
            resultToParse = e.getSlidingWindowAllRows();
        } else if (!"".equals(e.getSlidingWindowCurrentRows())) {
            resultToParse = e.getSlidingWindowCurrentRows();
        }
    } catch (Exception e) {
        LOGGER.warn(e.getMessage(), e);
    }
    // Parse all the data we have retrieved
    Matcher regexSearch = Pattern.compile(MODE + ENCLOSE_VALUE_RGX + "([^\\x01-\\x09\\x0B-\\x0C\\x0E-\\x1F]*?)" + SEPARATOR_QTE_RGX + "([^\\x01-\\x09\\x0B-\\x0C\\x0E-\\x1F]*?)(\\x08)?" + ENCLOSE_VALUE_RGX).matcher(resultToParse);
    if (!regexSearch.find()) {
        throw new InjectionFailureException();
    }
    regexSearch.reset();
    int rowsFound = 0;
    List<List<String>> listValues = new ArrayList<>();
    // => row number, occurrence, value1, value2...
    while (regexSearch.find()) {
        String values = regexSearch.group(1);
        int instances = Integer.parseInt(regexSearch.group(2));
        listValues.add(new ArrayList<String>());
        listValues.get(rowsFound).add(Integer.toString(rowsFound + 1));
        listValues.get(rowsFound).add("x" + instances);
        for (String cellValue : values.split("\\x7F", -1)) {
            listValues.get(rowsFound).add(cellValue);
        }
        rowsFound++;
    }
    // Add the default title to the columns: row number, occurrence
    columnsName.add(0, "");
    columnsName.add(0, "");
    // Build a proper 2D array from the data
    String[][] tableDatas = new String[listValues.size()][columnsName.size()];
    for (int indexRow = 0; indexRow < listValues.size(); indexRow++) {
        boolean isIncomplete = false;
        for (int indexColumn = 0; indexColumn < columnsName.size(); indexColumn++) {
            try {
                tableDatas[indexRow][indexColumn] = listValues.get(indexRow).get(indexColumn);
            } catch (IndexOutOfBoundsException e) {
                isIncomplete = true;
                LOGGER.trace("Incomplete line found");
                // Ignore
                IgnoreMessageException exceptionIgnored = new IgnoreMessageException(e);
                LOGGER.trace(exceptionIgnored, exceptionIgnored);
            }
        }
        if (isIncomplete) {
            LOGGER.warn("String is too long, row #" + (indexRow + 1) + " is incomplete:");
            LOGGER.warn(String.join(", ", listValues.get(indexRow).toArray(new String[listValues.get(indexRow).size()])));
        }
    }
    arrayColumns = columnsName.toArray(new String[columnsName.size()]);
    // Group the columns names, values and Table object in one array
    Object[] objectData = { arrayColumns, tableDatas, table };
    Request requestCreateValuesTab = new Request();
    requestCreateValuesTab.setMessage(Interaction.CREATE_VALUES_TAB);
    requestCreateValuesTab.setParameters(objectData);
    MediatorModel.model().sendToViews(requestCreateValuesTab);
    Request requestEndProgress = new Request();
    requestEndProgress.setMessage(Interaction.END_PROGRESS);
    requestEndProgress.setParameters(table);
    MediatorModel.model().sendToViews(requestEndProgress);
    return tableDatas;
}

Example 5 with Database

use of com.jsql.model.bean.database.Database in project jsql-injection by ron190.

the class DataAccess method listDatabases.

/**
 * Get database names and table counts and send them to the view.<br>
 * Use readable text (not hexa) and parse this pattern:<br>
 * => hh[database name 1]jj[table count]hhgghh[database name 2]jj[table count]hhggh...hi<br>
 * Data window can be cut before the end of the request but the process helps to obtain
 * the rest of the unreachable data. The process can be interrupted by the user (stop/pause).
 * @return list of databases found
 * @throws JSqlException when injection failure or stopped by user
 */
public static List<Database> listDatabases() throws JSqlException {
    LOGGER.trace(I18n.valueByKey("LOG_FETCHING_DATABASES"));
    List<Database> databases = new ArrayList<>();
    String resultToParse = "";
    try {
        String[] sourcePage = { "" };
        resultToParse = new SuspendableGetRows().run(MediatorModel.model().getVendor().instance().sqlDatabases(), sourcePage, true, 0, null);
    } catch (SlidingException e) {
        LOGGER.warn(e.getMessage(), e);
        // Get pieces of data already retreived instead of losing them
        if (!"".equals(e.getSlidingWindowAllRows())) {
            resultToParse = e.getSlidingWindowAllRows();
        } else if (!"".equals(e.getSlidingWindowCurrentRows())) {
            resultToParse = e.getSlidingWindowCurrentRows();
        }
    } catch (Exception e) {
        LOGGER.warn(e.getMessage(), e);
    }
    // Parse all data we have retrieved
    Matcher regexSearch = Pattern.compile(MODE + ENCLOSE_VALUE_RGX + CELL_TABLE + ENCLOSE_VALUE_RGX).matcher(resultToParse);
    if (!regexSearch.find()) {
        throw new InjectionFailureException();
    }
    regexSearch.reset();
    // Build an array of Database objects from the data we have parsed
    while (regexSearch.find()) {
        String databaseName = regexSearch.group(1);
        String tableCount = regexSearch.group(2);
        Database newDatabase = new Database(databaseName, tableCount);
        databases.add(newDatabase);
    }
    Request request = new Request();
    request.setMessage(Interaction.ADD_DATABASES);
    request.setParameters(databases);
    MediatorModel.model().sendToViews(request);
    return databases;
}