AbstractStrategy.java

1
package com.jsql.model.injection.strategy;
2
3
import com.jsql.model.InjectionModel;
4
import com.jsql.model.bean.util.Header;
5
import com.jsql.model.bean.util.Interaction;
6
import com.jsql.model.bean.util.Request;
7
import com.jsql.model.exception.JSqlException;
8
import com.jsql.model.exception.StoppedByUserSlidingException;
9
import com.jsql.model.suspendable.AbstractSuspendable;
10
11
import java.util.EnumMap;
12
import java.util.Map;
13
14
/**
15
 * Define a strategy to inject SQL with methods like Error and Time.
16
 */
17
public abstract class AbstractStrategy {
18
19
    protected static final String KEY_LOG_CHECKING_STRATEGY = "LOG_CHECKING_STRATEGY";
20
    protected static final String KEY_LOG_VULNERABLE = "LOG_VULNERABLE";
21
    protected static final String FORMAT_STRATEGY_NOT_IMPLEMENTED = "Strategy [{}] for [{}] missing, please share your implementation";
22
    protected static final String FORMAT_SKIP_STRATEGY_DISABLED = "Skipping strategy [{}] disabled";
23
    protected static final String FORMAT_CHECKING_STRATEGY = "{} [{}]...";
24
25
    /**
26
     * True if injection can be used, false otherwise.
27
     */
28
    protected boolean isApplicable = false;
29
30
    protected final InjectionModel injectionModel;
31
    
32
    protected AbstractStrategy(InjectionModel injectionModel) {
33
        this.injectionModel = injectionModel;
34
    }
35
36
    /**
37
     * Test if this strategy can be used to inject SQL.
38
     */
39
    public abstract void checkApplicability() throws JSqlException;
40
    
41
    /**
42
     * Inform the view that this strategy can be used.
43
     */
44
    protected abstract void allow(int... i);
45
    
46
    /**
47
     * Inform the view that this strategy can't be used.
48
     */
49
    protected abstract void unallow(int... i);
50
    
51
    /**
52
     * Start the strategy work.
53
     * @return Source code
54
     */
55
    public abstract String inject(String sqlQuery, String startPosition, AbstractSuspendable stoppable, String metadataInjectionProcess) throws StoppedByUserSlidingException;
56
    
57
    /**
58
     * Change model strategy to current applicable strategy only when not already set.
59
     * Normal > Stacked > Error > Multibit > Blind > Time
60
     */
61
    public abstract void activateWhenApplicable();
62
    
63
    /**
64
     * Get number of characters you can obtain from the strategy.
65
     */
66
    public abstract String getPerformanceLength();
67
    
68
    /**
69
     * Get the injection strategy name.
70
     */
71
    public abstract String getName();
72
    
73
    public void markVulnerability(Interaction message, int... indexErrorStrategy) {
74
        
75
        var request = new Request();
76 1 1. markVulnerability : removed call to com/jsql/model/bean/util/Request::setMessage → NO_COVERAGE
        request.setMessage(message);
77
        
78
        Map<Header, Object> msgHeader = new EnumMap<>(Header.class);
79
        msgHeader.put(Header.URL, this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlByUser());
80
        
81
        // Ellipse default to non null array
82 2 1. markVulnerability : changed conditional boundary → NO_COVERAGE
2. markVulnerability : negated conditional → NO_COVERAGE
        if (indexErrorStrategy.length > 0) {
83
            
84
            msgHeader.put(Header.INDEX_ERROR_STRATEGY, indexErrorStrategy[0]);
85
            msgHeader.put(Header.INJECTION_MODEL, this.injectionModel);
86
        }
87
88 1 1. markVulnerability : removed call to com/jsql/model/bean/util/Request::setParameters → NO_COVERAGE
        request.setParameters(msgHeader);
89 1 1. markVulnerability : removed call to com/jsql/model/InjectionModel::sendToViews → NO_COVERAGE
        this.injectionModel.sendToViews(request);
90
    }
91
    
92
    @Override
93
    public String toString() {
94 1 1. toString : replaced return value with "" for com/jsql/model/injection/strategy/AbstractStrategy::toString → NO_COVERAGE
        return this.getName();
95
    }
96
97
98
    // Getter and setter
99
    
100
    public boolean isApplicable() {
101 2 1. isApplicable : replaced boolean return with false for com/jsql/model/injection/strategy/AbstractStrategy::isApplicable → NO_COVERAGE
2. isApplicable : replaced boolean return with true for com/jsql/model/injection/strategy/AbstractStrategy::isApplicable → NO_COVERAGE
        return this.isApplicable;
102
    }
103
    
104
    public void setApplicable(boolean isApplicable) {
105
        this.isApplicable = isApplicable;
106
    }
107
}

Mutations

76

1.1
Location : markVulnerability
Killed by : none
removed call to com/jsql/model/bean/util/Request::setMessage → NO_COVERAGE

82

1.1
Location : markVulnerability
Killed by : none
changed conditional boundary → NO_COVERAGE

2.2
Location : markVulnerability
Killed by : none
negated conditional → NO_COVERAGE

88

1.1
Location : markVulnerability
Killed by : none
removed call to com/jsql/model/bean/util/Request::setParameters → NO_COVERAGE

89

1.1
Location : markVulnerability
Killed by : none
removed call to com/jsql/model/InjectionModel::sendToViews → NO_COVERAGE

94

1.1
Location : toString
Killed by : none
replaced return value with "" for com/jsql/model/injection/strategy/AbstractStrategy::toString → NO_COVERAGE

101

1.1
Location : isApplicable
Killed by : none
replaced boolean return with false for com/jsql/model/injection/strategy/AbstractStrategy::isApplicable → NO_COVERAGE

2.2
Location : isApplicable
Killed by : none
replaced boolean return with true for com/jsql/model/injection/strategy/AbstractStrategy::isApplicable → NO_COVERAGE

Active mutators

Tests examined


Report generated by PIT 1.16.1