| 1 | /******************************************************************************* | |
| 2 | * Copyhacked (H) 2012-2020. | |
| 3 | * This program and the accompanying materials | |
| 4 | * are made available under no term at all, use it like | |
| 5 | * you want, but share and discuss about it | |
| 6 | * every time possible with every body. | |
| 7 | * | |
| 8 | * Contributors: | |
| 9 | * ron190 at ymail dot com - initial implementation | |
| 10 | *******************************************************************************/ | |
| 11 | package com.jsql.model.injection.strategy; | |
| 12 | ||
| 13 | import com.jsql.model.InjectionModel; | |
| 14 | import com.jsql.model.bean.util.Interaction; | |
| 15 | import com.jsql.model.bean.util.Request; | |
| 16 | import com.jsql.model.exception.StoppedByUserSlidingException; | |
| 17 | import com.jsql.model.injection.strategy.blind.AbstractInjectionBoolean.BooleanMode; | |
| 18 | import com.jsql.model.injection.strategy.blind.InjectionMultibit; | |
| 19 | import com.jsql.model.injection.vendor.model.VendorYaml; | |
| 20 | import com.jsql.model.suspendable.AbstractSuspendable; | |
| 21 | import com.jsql.util.I18nUtil; | |
| 22 | import com.jsql.util.LogLevelUtil; | |
| 23 | import org.apache.logging.log4j.LogManager; | |
| 24 | import org.apache.logging.log4j.Logger; | |
| 25 | ||
| 26 | public class StrategyInjectionMultibit extends AbstractStrategy { | |
| 27 | ||
| 28 | /** | |
| 29 | * Log4j logger sent to view. | |
| 30 | */ | |
| 31 | private static final Logger LOGGER = LogManager.getRootLogger(); | |
| 32 | ||
| 33 | private InjectionMultibit injectionMultibit; | |
| 34 | ||
| 35 | public StrategyInjectionMultibit(InjectionModel injectionModel) { | |
| 36 | super(injectionModel); | |
| 37 | } | |
| 38 | ||
| 39 | @Override | |
| 40 | public void checkApplicability() throws StoppedByUserSlidingException { | |
| 41 | ||
| 42 |
1
1. checkApplicability : negated conditional → NO_COVERAGE |
if (this.injectionModel.getMediatorUtils().getPreferencesUtil().isStrategyMultibitDisabled()) { |
| 43 | ||
| 44 | LOGGER.log(LogLevelUtil.CONSOLE_INFORM, AbstractStrategy.FORMAT_SKIP_STRATEGY_DISABLED, getName()); | |
| 45 | return; | |
| 46 | } | |
| 47 | ||
| 48 | LOGGER.log(LogLevelUtil.CONSOLE_DEFAULT, "{} Multibit...", () -> I18nUtil.valueByKey(KEY_LOG_CHECKING_STRATEGY)); | |
| 49 | ||
| 50 | this.injectionMultibit = new InjectionMultibit(this.injectionModel, BooleanMode.STACKED); | |
| 51 | this.isApplicable = this.injectionMultibit.isInjectable(); | |
| 52 | ||
| 53 |
1
1. checkApplicability : negated conditional → NO_COVERAGE |
if (this.isApplicable) { |
| 54 | ||
| 55 | LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, "{} Multibit injection", () -> I18nUtil.valueByKey(KEY_LOG_VULNERABLE)); | |
| 56 | ||
| 57 |
1
1. checkApplicability : removed call to com/jsql/model/injection/strategy/StrategyInjectionMultibit::allow → NO_COVERAGE |
this.allow(); |
| 58 | ||
| 59 | var requestMessageBinary = new Request(); | |
| 60 |
1
1. checkApplicability : removed call to com/jsql/model/bean/util/Request::setMessage → NO_COVERAGE |
requestMessageBinary.setMessage(Interaction.MESSAGE_BINARY); |
| 61 |
1
1. checkApplicability : removed call to com/jsql/model/bean/util/Request::setParameters → NO_COVERAGE |
requestMessageBinary.setParameters(this.injectionMultibit.getInfoMessage()); |
| 62 |
1
1. checkApplicability : removed call to com/jsql/model/InjectionModel::sendToViews → NO_COVERAGE |
this.injectionModel.sendToViews(requestMessageBinary); |
| 63 | ||
| 64 | } else { | |
| 65 |
1
1. checkApplicability : removed call to com/jsql/model/injection/strategy/StrategyInjectionMultibit::unallow → NO_COVERAGE |
this.unallow(); |
| 66 | } | |
| 67 | } | |
| 68 | ||
| 69 | @Override | |
| 70 | public void allow(int... i) { | |
| 71 | ||
| 72 |
1
1. allow : removed call to com/jsql/model/InjectionModel::appendAnalysisReport → NO_COVERAGE |
this.injectionModel.appendAnalysisReport( |
| 73 | "<span style=color:rgb(0,0,255)>### Strategy: " + getName() + "</span>" | |
| 74 | + this.injectionModel.getReportWithoutIndex( | |
| 75 | injectionModel.getMediatorVendor().getVendor().instance().sqlMultibit( | |
| 76 | this.injectionModel.getMediatorVendor().getVendor().instance().sqlBlind("<span style=color:rgb(0,128,0)><query></span>", "0", true), | |
| 77 | 0, | |
| 78 | 1 | |
| 79 | ), | |
| 80 | "metadataInjectionProcess", | |
| 81 | null | |
| 82 | ) | |
| 83 | ); | |
| 84 |
1
1. allow : removed call to com/jsql/model/injection/strategy/StrategyInjectionMultibit::markVulnerability → NO_COVERAGE |
this.markVulnerability(Interaction.MARK_MULTI_VULNERABLE); |
| 85 | } | |
| 86 | ||
| 87 | @Override | |
| 88 | public void unallow(int... i) { | |
| 89 |
1
1. unallow : removed call to com/jsql/model/injection/strategy/StrategyInjectionMultibit::markVulnerability → NO_COVERAGE |
this.markVulnerability(Interaction.MARK_MULTI_INVULNERABLE); |
| 90 | } | |
| 91 | ||
| 92 | @Override | |
| 93 | public String inject(String sqlQuery, String startPosition, AbstractSuspendable stoppable, String metadataInjectionProcess) throws StoppedByUserSlidingException { | |
| 94 |
1
1. inject : replaced return value with "" for com/jsql/model/injection/strategy/StrategyInjectionMultibit::inject → NO_COVERAGE |
return this.injectionMultibit.inject( |
| 95 | this.injectionModel.getMediatorVendor().getVendor().instance().sqlBlind(sqlQuery, startPosition, false), | |
| 96 | stoppable | |
| 97 | ); | |
| 98 | } | |
| 99 | ||
| 100 | @Override | |
| 101 | public void activateWhenApplicable() { | |
| 102 |
2
1. activateWhenApplicable : negated conditional → NO_COVERAGE 2. activateWhenApplicable : negated conditional → NO_COVERAGE |
if (this.injectionModel.getMediatorStrategy().getStrategy() == null && this.isApplicable()) { |
| 103 | ||
| 104 | LOGGER.log( | |
| 105 | LogLevelUtil.CONSOLE_INFORM, | |
| 106 | "{} [{}]", | |
| 107 |
1
1. lambda$activateWhenApplicable$2 : replaced return value with null for com/jsql/model/injection/strategy/StrategyInjectionMultibit::lambda$activateWhenApplicable$2 → NO_COVERAGE |
() -> I18nUtil.valueByKey("LOG_USING_STRATEGY"), |
| 108 | this::getName | |
| 109 | ); | |
| 110 |
1
1. activateWhenApplicable : removed call to com/jsql/model/injection/strategy/MediatorStrategy::setStrategy → NO_COVERAGE |
this.injectionModel.getMediatorStrategy().setStrategy(this.injectionModel.getMediatorStrategy().getMultibit()); |
| 111 | ||
| 112 | var requestMarkBlindStrategy = new Request(); | |
| 113 |
1
1. activateWhenApplicable : removed call to com/jsql/model/bean/util/Request::setMessage → NO_COVERAGE |
requestMarkBlindStrategy.setMessage(Interaction.MARK_MULTI_STRATEGY); |
| 114 |
1
1. activateWhenApplicable : removed call to com/jsql/model/InjectionModel::sendToViews → NO_COVERAGE |
this.injectionModel.sendToViews(requestMarkBlindStrategy); |
| 115 | } | |
| 116 | } | |
| 117 | | |
| 118 | @Override | |
| 119 | public String getPerformanceLength() { | |
| 120 |
1
1. getPerformanceLength : replaced return value with "" for com/jsql/model/injection/strategy/StrategyInjectionMultibit::getPerformanceLength → NO_COVERAGE |
return VendorYaml.DEFAULT_CAPACITY; |
| 121 | } | |
| 122 | | |
| 123 | @Override | |
| 124 | public String getName() { | |
| 125 |
1
1. getName : replaced return value with "" for com/jsql/model/injection/strategy/StrategyInjectionMultibit::getName → NO_COVERAGE |
return "Multibit"; |
| 126 | } | |
| 127 | } | |
Mutations | ||
| 42 |
1.1 |
|
| 53 |
1.1 |
|
| 57 |
1.1 |
|
| 60 |
1.1 |
|
| 61 |
1.1 |
|
| 62 |
1.1 |
|
| 65 |
1.1 |
|
| 72 |
1.1 |
|
| 84 |
1.1 |
|
| 89 |
1.1 |
|
| 94 |
1.1 |
|
| 102 |
1.1 2.2 |
|
| 107 |
1.1 |
|
| 110 |
1.1 |
|
| 113 |
1.1 |
|
| 114 |
1.1 |
|
| 120 |
1.1 |
|
| 125 |
1.1 |