Example 1 with IgnoreMessageException
use of com.jsql.model.exception.IgnoreMessageException in project jsql-injection by ron190.
the class ConnectionUtil method fixCustomRequestMethod.
/**
* Fix a wrong doing by Java core developers on design of HTTP method definition.
* Compatible HTTP methods are stored in an array but it cannot be modified in order
* to define your own method, whereas method should be customizable.
* @param connection which HTTP method must be customized
* @param customMethod to set on the connection
* @throws ProtocolException if backup solution fails during reflectivity
*/
public static void fixCustomRequestMethod(HttpURLConnection connection, String customMethod) throws ProtocolException {
// Add a default or custom method : check whether we are running on a buggy JRE
try {
connection.setRequestMethod(customMethod);
} catch (final ProtocolException pe) {
// Ignore
IgnoreMessageException exceptionIgnored = new IgnoreMessageException(pe);
LOGGER.trace(exceptionIgnored, exceptionIgnored);
try {
final Class<?> httpURLConnectionClass = connection.getClass();
final Class<?> parentClass = httpURLConnectionClass.getSuperclass();
final Field methodField;
Field methods = parentClass.getDeclaredField("methods");
methods.setAccessible(true);
Array.set(methods.get(connection), 1, customMethod);
// 'method' field.
if (parentClass == HttpsURLConnection.class) {
methodField = parentClass.getSuperclass().getDeclaredField("method");
} else {
methodField = parentClass.getDeclaredField("method");
}
methodField.setAccessible(true);
methodField.set(connection, customMethod);
} catch (Exception e) {
LOGGER.warn("Custom Request method definition failed, forcing method GET", e);
connection.setRequestMethod("GET");
}
}
}
Also used :
ProtocolException(java.net.ProtocolException)
Field(java.lang.reflect.Field)
IgnoreMessageException(com.jsql.model.exception.IgnoreMessageException)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
InjectionFailureException(com.jsql.model.exception.InjectionFailureException)
IgnoreMessageException(com.jsql.model.exception.IgnoreMessageException)
IOException(java.io.IOException)
ProtocolException(java.net.ProtocolException)
Example 2 with IgnoreMessageException
use of com.jsql.model.exception.IgnoreMessageException in project jsql-injection by ron190.
the class DiffMatchPatch method patchFromText.
/**
* Parse a textual representation of patches and return a List of Patch
* objects.
* @param textline Text representation of patches.
* @return List of Patch objects.
* @throws IllegalArgumentException If invalid input.
* @throws UnsupportedEncodingException
*/
public List<Patch> patchFromText(String textline) throws UnsupportedEncodingException {
List<Patch> patches = new LinkedList<>();
if (textline.length() == 0) {
return patches;
}
List<String> textList = Arrays.asList(textline.split("\n"));
Deque<String> text = new LinkedList<>(textList);
Patch patch;
Pattern patchHeader = Pattern.compile("^@@ -(\\d+),?(\\d*) \\+(\\d+),?(\\d*) @@$");
Matcher m;
char sign;
String line;
while (!text.isEmpty()) {
m = patchHeader.matcher(text.getFirst());
if (!m.matches()) {
throw new IllegalArgumentException("Invalid patch string: " + text.getFirst());
}
patch = new Patch();
patches.add(patch);
patch.setStart1(Integer.parseInt(m.group(1)));
if (m.group(2).length() == 0) {
patch.setStart1(patch.getStart1() - 1);
patch.setLength1(1);
} else if ("0".equals(m.group(2))) {
patch.setLength1(0);
} else {
patch.setStart1(patch.getStart1() - 1);
patch.setLength1(Integer.parseInt(m.group(2)));
}
patch.setStart2(Integer.parseInt(m.group(3)));
if (m.group(4).length() == 0) {
patch.setStart2(patch.getStart2() - 1);
patch.setLength2(1);
} else if ("0".equals(m.group(4))) {
patch.setLength2(0);
} else {
patch.setStart2(patch.getStart2() - 1);
patch.setLength2(Integer.parseInt(m.group(4)));
}
text.removeFirst();
while (!text.isEmpty()) {
try {
sign = text.getFirst().charAt(0);
} catch (IndexOutOfBoundsException e) {
// Ignore
IgnoreMessageException exceptionIgnored = new IgnoreMessageException(e);
LOGGER.trace(exceptionIgnored, exceptionIgnored);
// Blank line? Whatever.
text.removeFirst();
continue;
}
line = text.getFirst().substring(1);
// decode would change all "+" to " "
line = line.replace("+", "%2B");
try {
line = URLDecoder.decode(line, StandardCharsets.UTF_8.name());
} catch (IllegalArgumentException e) {
// Malformed URI sequence.
throw new IllegalArgumentException("Illegal escape in patch_fromText: " + line, e);
}
if (sign == '-') {
// Deletion.
patch.getDiffs().add(new Diff(Operation.DELETE, line));
} else if (sign == '+') {
// Insertion.
patch.getDiffs().add(new Diff(Operation.INSERT, line));
} else if (sign == ' ') {
// Minor equality.
patch.getDiffs().add(new Diff(Operation.EQUAL, line));
} else if (sign == '@') {
// Start of next patch.
break;
} else {
// WTF?
throw new IllegalArgumentException("Invalid patch mode '" + sign + "' in: " + line);
}
text.removeFirst();
}
}
return patches;
}
Also used :
Pattern(java.util.regex.Pattern)
Matcher(java.util.regex.Matcher)
IgnoreMessageException(com.jsql.model.exception.IgnoreMessageException)
LinkedList(java.util.LinkedList)
Example 3 with IgnoreMessageException
use of com.jsql.model.exception.IgnoreMessageException in project jsql-injection by ron190.
the class ObserverInteraction method update.
/**
* Observer pattern.<br>
* Receive an update order from the model:<br>
* - Use the Request message to get the Interaction class,<br>
* - Pass the parameters to that class.
*/
@Override
public void update(Observable model, Object newInteraction) {
Request interaction = (Request) newInteraction;
try {
Class<?> cl = Class.forName(this.packageInteraction + "." + interaction.getMessage());
Class<?>[] types = new Class[] { Object[].class };
Constructor<?> ct = cl.getConstructor(types);
InteractionCommand o2 = (InteractionCommand) ct.newInstance(new Object[] { interaction.getParameters() });
o2.execute();
} catch (ClassNotFoundException e) {
// Ignore unused interaction message
IgnoreMessageException ignore = new IgnoreMessageException(e);
LOGGER.trace(ignore, ignore);
} catch (InstantiationException | IllegalAccessException | NoSuchMethodException | SecurityException | IllegalArgumentException | InvocationTargetException e) {
LOGGER.error(e.getMessage(), e);
}
}
Also used :
Request(com.jsql.model.bean.util.Request)
IgnoreMessageException(com.jsql.model.exception.IgnoreMessageException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
Example 4 with IgnoreMessageException
use of com.jsql.model.exception.IgnoreMessageException in project jsql-injection by ron190.
the class Colorer method processEvent.
private void processEvent(int position, int adjustment) {
HighlightedDocument doc = this.document.get();
if (doc == null) {
return;
}
// slurp everything up into local variables in case another
// thread changes them during coloring process
AttributeSet globalStyle = doc.getGlobalStyle();
Lexer syntaxLexer = doc.getSyntaxLexer();
DocumentReader documentReader = doc.getDocumentReader();
Object docLock = doc.getDocumentLock();
if (globalStyle != null) {
int start = Math.min(position, position + adjustment);
int stop = Math.max(position, position + adjustment);
synchronized (docLock) {
doc.setCharacterAttributes(start, stop - start, globalStyle, true);
}
return;
}
SortedSet<DocPosition> workingSet;
Iterator<DocPosition> workingIt;
DocPosition startRequest = new DocPosition(position);
DocPosition endRequest = new DocPosition(position + Math.abs(adjustment));
DocPosition dp;
DocPosition dpStart = null;
DocPosition dpEnd;
// token before the current position
try {
// all the good positions before
workingSet = this.iniPositions.headSet(startRequest);
// the last of the stuff before
dpStart = workingSet.last();
} catch (NoSuchElementException e) {
// if there were no good positions before the requested
// start,
// we can always start at the very beginning.
dpStart = new DocPosition(0);
// Ignore
IgnoreMessageException exceptionIgnored = new IgnoreMessageException(e);
LOGGER.trace(exceptionIgnored, exceptionIgnored);
}
// list.
if (adjustment < 0) {
workingSet = this.iniPositions.subSet(startRequest, endRequest);
workingIt = workingSet.iterator();
while (workingIt.hasNext()) {
workingIt.next();
workingIt.remove();
}
}
// adjust the positions of everything after the
// insertion/removal.
workingSet = this.iniPositions.tailSet(startRequest);
workingIt = workingSet.iterator();
while (workingIt.hasNext()) {
workingIt.next().adjustPosition(adjustment);
}
// now go through and highlight as much as needed
workingSet = this.iniPositions.tailSet(dpStart);
workingIt = workingSet.iterator();
dp = null;
if (workingIt.hasNext()) {
dp = workingIt.next();
}
try {
Token t;
boolean done = false;
dpEnd = dpStart;
synchronized (docLock) {
// we are playing some games with the lexer for
// efficiency.
// we could just create a new lexer each time here,
// but instead,
// we will just reset it so that it thinks it is
// starting at the
// beginning of the document but reporting a funny
// start position.
// Reseting the lexer causes the close() method on
// the reader
// to be called but because the close() method has
// no effect on the
// DocumentReader, we can do this.
syntaxLexer.reset(documentReader, 0, dpStart.getPosition(), 0);
// After the lexer has been set up, scroll the
// reader so that it
// is in the correct spot as well.
documentReader.seek(dpStart.getPosition());
// we will highlight tokens until we reach a good
// stopping place.
// the first obvious stopping place is the end of
// the document.
// the lexer will return null at the end of the
// document and wee
// need to stop there.
t = syntaxLexer.getNextToken();
}
this.newPositions.add(dpStart);
while (!done && t != null) {
// stored in tokenStyles.
if (t.getCharEnd() <= doc.getLength()) {
doc.setCharacterAttributes(t.getCharBegin() + this.change, t.getCharEnd() - t.getCharBegin(), TokenStyles.getStyle(t.getDescription()), true);
// record the position of the last bit of
// text that we colored
dpEnd = new DocPosition(t.getCharEnd());
}
this.lastPosition = t.getCharEnd() + this.change;
// from there on is fine already.
if (t.getState() == Token.INITIAL_STATE) {
// equal to the current position
while (dp != null && dp.getPosition() <= t.getCharEnd()) {
if (dp.getPosition() == t.getCharEnd() && dp.getPosition() >= endRequest.getPosition()) {
// we have found a state that is the
// same
done = true;
dp = null;
} else if (workingIt.hasNext()) {
// didn't find it, try again.
dp = workingIt.next();
} else {
// didn't find it, and there is no more
// info from last
// time. This means that we will just
// continue
// until the end of the document.
dp = null;
}
}
// so that we can do this check next time,
// record all the
// initial states from this time.
this.newPositions.add(dpEnd);
}
synchronized (docLock) {
t = syntaxLexer.getNextToken();
}
}
// remove all the old initial positions from the place
// where
// we started doing the highlighting right up through
// the last
// bit of text we touched.
workingIt = this.iniPositions.subSet(dpStart, dpEnd).iterator();
while (workingIt.hasNext()) {
workingIt.next();
workingIt.remove();
}
// Remove all the positions that are after the end of
// the file.:
workingIt = this.iniPositions.tailSet(new DocPosition(doc.getLength())).iterator();
while (workingIt.hasNext()) {
workingIt.next();
workingIt.remove();
}
// and put the new initial positions that we have found
// on the list.
this.iniPositions.addAll(this.newPositions);
this.newPositions.clear();
} catch (IOException e) {
// Ignore
IgnoreMessageException exceptionIgnored = new IgnoreMessageException(e);
LOGGER.trace(exceptionIgnored, exceptionIgnored);
}
synchronized (docLock) {
this.lastPosition = -1;
this.change = 0;
}
}
Also used :
IgnoreMessageException(com.jsql.model.exception.IgnoreMessageException)
Token(com.jsql.view.swing.sql.lexer.syntax.Token)
IOException(java.io.IOException)
Lexer(com.jsql.view.swing.sql.lexer.syntax.Lexer)
AttributeSet(javax.swing.text.AttributeSet)
NoSuchElementException(java.util.NoSuchElementException)
Example 5 with IgnoreMessageException
use of com.jsql.model.exception.IgnoreMessageException in project jsql-injection by ron190.
the class DocumentReader method read.
/**
* Read and fill the buffer.
* This method will always fill the buffer unless the end of the document is reached.
*
* @param cbuf the buffer to fill.
* @param off offset into the buffer to begin the fill.
* @param len maximum number of characters to put in the buffer.
* @return the number of characters read or -1 if no more characters are available in the document.
*/
@Override
public int read(char[] cbuf, int off, int len) {
if (this.position < this.document.getLength()) {
int length = len;
if (this.position + length >= this.document.getLength()) {
length = this.document.getLength() - (int) this.position;
}
if (off + length >= cbuf.length) {
length = cbuf.length - off;
}
try {
String s = this.document.getText((int) this.position, length);
this.position += length;
for (int i = 0; i < length; i++) {
cbuf[off + i] = s.charAt(i);
}
return length;
} catch (BadLocationException e) {
// Ignore
IgnoreMessageException exceptionIgnored = new IgnoreMessageException(e);
LOGGER.trace(exceptionIgnored, exceptionIgnored);
return -1;
}
} else {
return -1;
}
}
Also used :
IgnoreMessageException(com.jsql.model.exception.IgnoreMessageException)
BadLocationException(javax.swing.text.BadLocationException)
Aggregations
IgnoreMessageException (com.jsql.model.exception.IgnoreMessageException)11
InjectionFailureException (com.jsql.model.exception.InjectionFailureException)4
IOException (java.io.IOException)4
Request (com.jsql.model.bean.util.Request)2
Field (java.lang.reflect.Field)2
ProtocolException (java.net.ProtocolException)2
Matcher (java.util.regex.Matcher)2
HttpsURLConnection (javax.net.ssl.HttpsURLConnection)2
BadLocationException (javax.swing.text.BadLocationException)2
AbstractElementDatabase (com.jsql.model.bean.database.AbstractElementDatabase)1
Database (com.jsql.model.bean.database.Database)1
Table (com.jsql.model.bean.database.Table)1
JSqlException (com.jsql.model.exception.JSqlException)1
SlidingException (com.jsql.model.exception.SlidingException)1
StoppedByUserSlidingException (com.jsql.model.exception.StoppedByUserSlidingException)1
SuspendableGetRows (com.jsql.model.suspendable.SuspendableGetRows)1
DigestMD4 (com.jsql.view.swing.bruteforce.DigestMD4)1
Lexer (com.jsql.view.swing.sql.lexer.syntax.Lexer)1
Token (com.jsql.view.swing.sql.lexer.syntax.Token)1
AWTException (java.awt.AWTException)1
