Example 1 with InjectionTime
use of com.jsql.model.injection.strategy.blind.InjectionTime in project jsql-injection by ron190.
the class StrategyInjectionTime method checkApplicability.
@Override
public void checkApplicability() throws StoppedByUserSlidingException {
if (StringUtils.isEmpty(this.injectionModel.getMediatorVendor().getVendor().instance().sqlBooleanTime())) {
LOGGER.log(LogLevel.CONSOLE_INFORM, "No Time strategy known for {}", this.injectionModel.getMediatorVendor().getVendor());
} else {
LOGGER.log(LogLevel.CONSOLE_DEFAULT, "{} Time with AND...", () -> I18nUtil.valueByKey("LOG_CHECKING_STRATEGY"));
this.injectionTime = new InjectionTime(this.injectionModel, BooleanMode.AND);
this.isApplicable = this.injectionTime.isInjectable();
if (!this.isApplicable) {
LOGGER.log(LogLevel.CONSOLE_DEFAULT, "{} Time with OR...", () -> I18nUtil.valueByKey("LOG_CHECKING_STRATEGY"));
this.injectionTime = new InjectionTime(this.injectionModel, BooleanMode.OR);
this.isApplicable = this.injectionTime.isInjectable();
if (this.isApplicable) {
LOGGER.log(LogLevel.CONSOLE_SUCCESS, "{} Time injection with OR", () -> I18nUtil.valueByKey("LOG_VULNERABLE"));
}
} else {
LOGGER.log(LogLevel.CONSOLE_SUCCESS, "{} Time injection with AND", () -> I18nUtil.valueByKey("LOG_VULNERABLE"));
}
if (this.isApplicable) {
this.allow();
var requestMessageBinary = new Request();
requestMessageBinary.setMessage(Interaction.MESSAGE_BINARY);
requestMessageBinary.setParameters(this.injectionTime.getInfoMessage());
this.injectionModel.sendToViews(requestMessageBinary);
} else {
this.unallow();
}
}
}
Also used :
Request(com.jsql.model.bean.util.Request)
InjectionTime(com.jsql.model.injection.strategy.blind.InjectionTime)
Aggregations
Request (com.jsql.model.bean.util.Request)1
InjectionTime (com.jsql.model.injection.strategy.blind.InjectionTime)1
