use of com.jsql.model.injection.vendor.model.Vendor in project jsql-injection by ron190.
the class MediatorVendor method fingerprintVendor.
/**
 * Selects the database vendor for the current session and publishes it to the views.
 *
 * <p>When the user picked a vendor other than the "auto" entry, that choice is taken as is.
 * Otherwise one probe request is sent and the returned page is compared, case-insensitively
 * and across line breaks, with each vendor's error regex; the first vendor whose regex
 * matches the whole page is kept. Detection therefore depends on the response echoing
 * vendor-specific error text. The candidate, still {@code null} when nothing matched, is
 * then handed to {@code initializeVendor}.
 *
 * @return the vendor that was sent to the views with {@code Interaction.SET_VENDOR}
 */
public Vendor fingerprintVendor() {
    Vendor vendorFound = null;

    boolean isAutoSelected =
        this.injectionModel.getMediatorVendor().getVendorByUser() == this.injectionModel.getMediatorVendor().getAuto();

    if (isAutoSelected) {
        LOGGER.log(LogLevel.CONSOLE_DEFAULT, "Fingerprinting database...");

        // Single probe whose response page is inspected for database error text.
        var insertionCharacter = "'\"#-)'\"*";
        String pageSource = this.injectionModel.injectWithoutIndex(insertionCharacter, "test#vendor");

        var mediatorVendor = this.injectionModel.getMediatorVendor();
        Vendor vendorAuto = mediatorVendor.getAuto();

        for (Vendor candidate : mediatorVendor.getVendors()) {
            // The "auto" entry is a placeholder, not a real vendor to test.
            if (candidate == vendorAuto) {
                continue;
            }

            // (?s) lets '.' span newlines, (?i) ignores case; matches() needs the whole page to match.
            String regexErrors = "(?si)" + candidate.instance().fingerprintErrorsAsRegex();
            if (pageSource.matches(regexErrors)) {
                vendorFound = candidate;
                LOGGER.log(
                    LogLevel.CONSOLE_SUCCESS,
                    MediatorVendor.LOG_VENDOR,
                    () -> "Basic fingerprint matching vendor",
                    () -> candidate
                );
                break;
            }
        }

        // Called even when no regex matched, so initializeVendor receives null in that case.
        vendorFound = this.initializeVendor(vendorFound);
    } else {
        vendorFound = this.injectionModel.getMediatorVendor().getVendorByUser();
        LOGGER.log(
            LogLevel.CONSOLE_INFORM,
            MediatorVendor.LOG_VENDOR,
            () -> I18nUtil.valueByKey("LOG_DATABASE_TYPE_FORCED_BY_USER"),
            () -> this.injectionModel.getMediatorVendor().getVendorByUser()
        );
    }

    // Tell the views which vendor is now active.
    var requestSetVendor = new Request();
    requestSetVendor.setMessage(Interaction.SET_VENDOR);
    requestSetVendor.setParameters(vendorFound);
    this.injectionModel.sendToViews(requestSetVendor);

    return vendorFound;
}
use of com.jsql.model.injection.vendor.model.Vendor in project jsql-injection by ron190.
the class SqlEngine method initializeMenuVendor.
/**
 * Builds the panel that holds the vendor drop-down menu.
 *
 * <p>One radio item is created per vendor returned by the vendor mediator, except the
 * "auto" entry; the item equal to the mediator's current vendor starts selected. Choosing
 * an item replaces {@code SqlEngine.modelYaml} with that vendor's YAML model, re-initializes
 * the text components and updates the menu label.
 *
 * @return a non-opaque panel with the vendor menu bar docked on its line-end side
 */
private static JPanel initializeMenuVendor() {
    var mediatorVendor = MediatorHelper.model().getMediatorVendor();

    JMenu comboMenuVendor = new ComboMenu(mediatorVendor.getVendor().toString());

    var menuBarVendor = new JMenuBar();
    menuBarVendor.setOpaque(false);
    menuBarVendor.setBorder(null);
    menuBarVendor.add(comboMenuVendor);

    var groupVendor = new ButtonGroup();

    for (final Vendor vendor : mediatorVendor.getVendors()) {
        // The "auto" entry is not offered in this menu.
        if (vendor == mediatorVendor.getAuto()) {
            continue;
        }

        boolean isCurrentVendor = vendor == mediatorVendor.getVendor();
        JMenuItem itemRadioVendor = new JRadioButtonMenuItem(vendor.toString(), isCurrentVendor);

        itemRadioVendor.addActionListener(actionEvent -> {
            SqlEngine.modelYaml = vendor.instance().getModelYaml();
            SqlEngine.initializeTextComponents();
            comboMenuVendor.setText(vendor.toString());
        });

        // The override only forwards the click to the item and never touches the selection
        // manager; presumably this keeps the popup open after a choice.
        itemRadioVendor.setUI(new BasicRadioButtonMenuItemUI() {
            @Override
            protected void doClick(MenuSelectionManager msm) {
                this.menuItem.doClick(0);
            }
        });

        comboMenuVendor.add(itemRadioVendor);
        groupVendor.add(itemRadioVendor);
    }

    var panelCombo = new JPanel(new BorderLayout());
    panelCombo.setOpaque(false);

    // One-pixel top inset to avoid overlapping the zero-size splitter.
    panelCombo.setBorder(BorderFactory.createEmptyBorder(1, 0, 0, 0));

    // Fixed 25px height, unbounded width.
    panelCombo.setPreferredSize(new Dimension(Integer.MAX_VALUE, 25));
    panelCombo.setMaximumSize(new Dimension(Integer.MAX_VALUE, 25));

    panelCombo.add(menuBarVendor, BorderLayout.LINE_END);

    // Alignment used when the panel is overlaid on its parent.
    // NOTE(review): FlowLayout.TRAILING is an int layout constant rather than an alignment
    // fraction - confirm the intended value.
    panelCombo.setAlignmentX(FlowLayout.TRAILING);
    panelCombo.setAlignmentY(Component.BOTTOM_ALIGNMENT);

    return panelCombo;
}
use of com.jsql.model.injection.vendor.model.Vendor in project jsql-injection by ron190.
the class SuspendableGetCharInsertion method run.
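/**
 * Collects the results of the insertion-character probe tasks and returns the character to use.
 *
 * <p>Tasks are registered by {@code initializeCallables} on a dedicated executor. Results are
 * consumed in completion order; the first page for which {@code getVendorsOrderByMatch}
 * returns a non-empty list sets the vendor, notifies the views and ends the wait. When no
 * page matched, the value left in the one-element holder given to
 * {@code initializeCallables} is used instead, if it is not {@code null}.
 *
 * @param args {@code args[0]} is the insertion character supplied by the user, as a {@code String}
 * @return the result of {@code getCharacterInsertion} for the user value and the detected value
 * @throws JSqlException a {@code StoppedByUserSlidingException} is thrown when the job is
 *     suspended while results are still pending
 */
@Override
public String run(Object... args) throws JSqlException {
    String characterInsertionByUser = (String) args[0];

    ExecutorService taskExecutor = this.injectionModel.getMediatorUtils().getThreadUtil().getExecutor("CallableGetInsertionCharacter");
    CompletionService<CallablePageSource> taskCompletionService = new ExecutorCompletionService<>(taskExecutor);

    // One-element holder passed to initializeCallables; read back after the loop as a fallback.
    var charFromBooleanMatch = new String[1];
    List<String> charactersInsertion = this.initializeCallables(taskCompletionService, characterInsertionByUser, charFromBooleanMatch);

    var mediatorVendor = this.injectionModel.getMediatorVendor();
    LOGGER.log(LogLevel.CONSOLE_DEFAULT, "Fingerprinting database and character insertion with Order by match...");

    String charFromOrderBy = null;

    // Assumes one task was submitted per entry of charactersInsertion - TODO confirm in initializeCallables.
    int total = charactersInsertion.size();

    while (0 < total) {
        // NOTE(review): this exit happens before the executor shutdown below; confirm the
        // executor is stopped elsewhere when the user suspends the job.
        if (this.isSuspended()) {
            throw new StoppedByUserSlidingException();
        }

        try {
            // Count the task as consumed as soon as take() returns. Counting only after get()
            // skipped failed tasks, so one ExecutionException left the loop blocked on take()
            // for a result that never arrives.
            var completedTask = taskCompletionService.take();
            total--;

            CallablePageSource currentCallable = completedTask.get();
            String pageSource = currentCallable.getContent();

            List<Vendor> vendorsOrderByMatch = this.getVendorsOrderByMatch(mediatorVendor, pageSource);
            if (!vendorsOrderByMatch.isEmpty()) {
                this.setVendor(mediatorVendor, vendorsOrderByMatch);
                LOGGER.log(LogLevel.CONSOLE_INFORM, "Using [{}]", mediatorVendor.getVendor());

                var requestSetVendor = new Request();
                requestSetVendor.setMessage(Interaction.SET_VENDOR);
                requestSetVendor.setParameters(mediatorVendor.getVendor());
                this.injectionModel.sendToViews(requestSetVendor);

                // Char insertion
                charFromOrderBy = currentCallable.getCharacterInsertion();
                LOGGER.log(LogLevel.CONSOLE_SUCCESS, "Character insertion [{}] matching with Order by and compatible with Error strategy", charFromOrderBy);
                break;
            }
        } catch (InterruptedException e) {
            LOGGER.log(LogLevel.CONSOLE_JAVA, e, e);
            Thread.currentThread().interrupt();
            // With the interrupt flag restored, the next take() would throw again at once
            // and the loop would spin without progress; stop waiting instead.
            break;
        } catch (ExecutionException e) {
            // The failed task was already counted above; keep waiting for the others.
            LOGGER.log(LogLevel.CONSOLE_JAVA, e, e);
        }
    }

    // End the job: orderly shutdown first, forced shutdown if tasks outlive the grace period.
    try {
        taskExecutor.shutdown();
        if (!taskExecutor.awaitTermination(15, TimeUnit.SECONDS)) {
            taskExecutor.shutdownNow();
        }
    } catch (InterruptedException e) {
        LOGGER.log(LogLevel.CONSOLE_JAVA, e, e);
        Thread.currentThread().interrupt();
    }

    // Fall back to the holder value when no page matched.
    if (charFromOrderBy == null && charFromBooleanMatch[0] != null) {
        charFromOrderBy = charFromBooleanMatch[0];
    }

    return this.getCharacterInsertion(characterInsertionByUser, charFromOrderBy);
}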
Aggregations