| 1 | /******************************************************************************* | |
| 2 | * Copyhacked (H) 2012-2025. | |
| 3 | * This program and the accompanying materials | |
| 4 | * are made available under no term at all, use it like | |
| 5 | * you want, but share and discuss it | |
| 6 | * every time possible with every body. | |
| 7 | * | |
| 8 | * Contributors: | |
| 9 | * ron190 at ymail dot com - initial implementation | |
| 10 | ******************************************************************************/ | |
| 11 | package com.jsql.view.swing.manager; | |
| 12 | ||
| 13 | import com.jsql.model.bean.util.Interaction; | |
| 14 | import com.jsql.model.bean.util.Request; | |
| 15 | import com.jsql.model.injection.method.AbstractMethodInjection; | |
| 16 | import com.jsql.model.injection.vendor.model.Vendor; | |
| 17 | import com.jsql.util.LogLevelUtil; | |
| 18 | import com.jsql.util.StringUtil; | |
| 19 | import com.jsql.view.scan.ScanListTerminal; | |
| 20 | import com.jsql.view.swing.list.*; | |
| 21 | import com.jsql.view.swing.manager.util.StateButton; | |
| 22 | import com.jsql.view.swing.util.I18nViewUtil; | |
| 23 | import com.jsql.view.swing.util.MediatorHelper; | |
| 24 | import com.jsql.view.swing.util.UiUtil; | |
| 25 | import org.apache.logging.log4j.LogManager; | |
| 26 | import org.apache.logging.log4j.Logger; | |
| 27 | import org.json.JSONArray; | |
| 28 | import org.json.JSONException; | |
| 29 | ||
| 30 | import javax.swing.*; | |
| 31 | import java.awt.*; | |
| 32 | import java.awt.event.ActionEvent; | |
| 33 | import java.awt.event.ActionListener; | |
| 34 | import java.io.BufferedReader; | |
| 35 | import java.io.IOException; | |
| 36 | import java.io.InputStreamReader; | |
| 37 | import java.nio.charset.StandardCharsets; | |
| 38 | import java.util.List; | |
| 39 | import java.util.Objects; | |
| 40 | import java.util.Optional; | |
| 41 | ||
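/**
 * Manager listing the URLs available for batch scanning.
 * Selecting an entry copies its injection settings into the address bar;
 * the Run button starts {@link #scan(List)} on the selected entries, or
 * requests a stop when a scan is already running.
 */
public class ManagerScan extends AbstractManagerList {

    // NOTE(review): the mutation-coverage report this listing was taken from marks
    // every mutant in this class as NO_COVERAGE, i.e. no test executes this code.

    private static final Logger LOGGER = LogManager.getRootLogger();

    public static final String NAME = "listManagerScan";

    /** Pause in milliseconds applied before the scan and after each scanned entry. */
    private static final long PAUSE_BETWEEN_INJECTIONS_MS = 500;

    /**
     * Create the scan list from the bundled {@code swing/list/scan-page.json}
     * resource and wire the renderer, the Run button and the selection listener.
     */
    public ManagerScan() {
        super("swing/list/scan-page.json");

        // The handler is cleared first, then replaced by the scan-specific one
        this.listPaths.setTransferHandler(null);
        this.listPaths.setTransferHandler(new ListTransfertHandlerScan());
        this.listPaths.setCellRenderer(new DefaultListCellRenderer() {
            @Override
            public Component getListCellRendererComponent(
                JList<?> list, Object value, int index, boolean isSelected, boolean cellHasFocus
            ) {
                JLabel label = (JLabel) super.getListCellRendererComponent(list, value, index, isSelected, cellHasFocus);
                ItemList itemList = (ItemList) value;
                // Entries flagged vulnerable get a green tick
                if (itemList.isVulnerable()) {
                    label.setIcon(UiUtil.TICK_GREEN.getIcon());
                }
                return label;
            }
        });

        this.listPaths.setName(ManagerScan.NAME);

        JPanel lastLine = this.getLastLinePanel();
        this.add(lastLine, BorderLayout.SOUTH);

        // Mirror the selected entry's settings into the address bar
        this.listPaths.addListSelectionListener(e -> {
            if (this.listPaths.getSelectedValue() == null) {
                return;
            }

            var beanInjection = ((ItemListScan) this.listPaths.getSelectedValue()).getBeanInjection();
            var addressBar = MediatorHelper.panelAddressBar();
            addressBar.getTextFieldAddress().setText(beanInjection.getUrl());
            addressBar.getTextFieldHeader().setText(beanInjection.getHeader());
            addressBar.getTextFieldRequest().setText(beanInjection.getRequest());

            // The method radio button shows the request type, GET when the entry has none
            String requestType = beanInjection.getRequestType();
            if (requestType != null && !requestType.isEmpty()) {
                addressBar.getAtomicRadioMethod().setText(requestType);
            } else {
                addressBar.getAtomicRadioMethod().setText(StringUtil.GET);
            }

            // Select the radio button matching the entry's injection method;
            // any method other than header or request falls back to the "request" radio
            AbstractMethodInjection method = beanInjection.getMethodInstance();
            if (method == MediatorHelper.model().getMediatorMethod().getHeader()) {
                addressBar.getAtomicRadioHeader().setSelected(true);
            } else if (method == MediatorHelper.model().getMediatorMethod().getRequest()) {
                addressBar.getAtomicRadioMethod().setSelected(true);
            } else {
                addressBar.getAtomicRadioRequest().setSelected(true);
            }
        });
    }

    /**
     * Load the scan entries from a JSON array resource on the classpath and
     * build the list component from them.
     * A read or parse failure is logged; the list component is still created
     * from whatever entries were loaded so far.
     *
     * @param nameFile classpath location of the JSON array
     * @throws NullPointerException when the resource does not exist
     */
    @Override
    public void buildList(String nameFile) {
        var jsonScan = new StringBuilder();
        try (
            var inputStream = UiUtil.class.getClassLoader().getResourceAsStream(nameFile);
            var inputStreamReader = new InputStreamReader(Objects.requireNonNull(inputStream), StandardCharsets.UTF_8);
            var reader = new BufferedReader(inputStreamReader)
        ) {
            String line;
            while ((line = reader.readLine()) != null) {
                jsonScan.append(line);
            }
            var jsonArrayScan = new JSONArray(jsonScan.toString());
            for (var i = 0 ; i < jsonArrayScan.length() ; i++) {
                this.itemsList.add(new ItemListScan(jsonArrayScan.getJSONObject(i)));
            }
            this.listPaths = new DnDListScan(this.itemsList);
        } catch (JSONException | IOException e) {
            LOGGER.log(LogLevelUtil.CONSOLE_JAVA, e, e);
        }
        // The constructor dereferences listPaths right after super(...); presumably the
        // superclass calls buildList, so a parse failure must not leave the field null
        if (this.listPaths == null) {
            this.listPaths = new DnDListScan(this.itemsList);
        }
    }

    /**
     * Build the bottom row holding the glue, the progress bar and the Run button.
     *
     * @return the assembled panel
     */
    private JPanel getLastLinePanel() {
        var lastLine = new JPanel();
        lastLine.setOpaque(false);
        lastLine.setLayout(new BoxLayout(lastLine, BoxLayout.X_AXIS));

        this.buildRunButton("SCAN_RUN_BUTTON_LABEL", "SCAN_RUN_BUTTON_TOOLTIP");
        this.run.addActionListener(new ActionScan());

        lastLine.add(this.horizontalGlue);
        lastLine.add(this.progressBar);
        lastLine.add(this.run);
        return lastLine;
    }

    /**
     * Run button handler: starts a scan of the selected entries when the button
     * is startable, otherwise raises the stop flags polled by {@link #scan(List)}.
     */
    private class ActionScan implements ActionListener {
        @Override
        public void actionPerformed(ActionEvent e) {
            if (ManagerScan.this.listPaths.getSelectedValuesList().isEmpty()) {
                LOGGER.log(LogLevelUtil.CONSOLE_ERROR, "Select URL(s) to scan");
                return;
            }
            // NOTE(review): the Swing calls below run on the "ThreadScan" worker, not on
            // the event dispatch thread; consider SwingUtilities.invokeLater for the UI part
            new Thread(() -> {
                if (ManagerScan.this.run.getState() == StateButton.STARTABLE) {
                    ManagerScan.this.run.setText(I18nViewUtil.valueByKey("SCAN_RUN_BUTTON_STOP"));
                    ManagerScan.this.run.setState(StateButton.STOPPABLE);
                    ManagerScan.this.progressBar.setVisible(true);
                    ManagerScan.this.horizontalGlue.setVisible(false);
                    // Every entry of the model is reset, not only the selected ones
                    DefaultListModel<ItemList> listModel = (DefaultListModel<ItemList>) ManagerScan.this.listPaths.getModel();
                    for (var i = 0 ; i < listModel.getSize() ; i++) {
                        listModel.get(i).reset();
                    }
                    ManagerScan.this.scan(ManagerScan.this.listPaths.getSelectedValuesList());
                } else {
                    MediatorHelper.model().getResourceAccess().setScanStopped(true);
                    MediatorHelper.model().setIsStoppedByUser(true);
                    ManagerScan.this.run.setEnabled(false);
                    ManagerScan.this.run.setState(StateButton.STOPPING);
                }
            }, "ThreadScan").start();
        }
    }

    /**
     * Start fast scan of URLs in sequence and display result.
     * Unplug any existing view and plug a console-like view in order to
     * respond to GUI messages with simple text results instead of building
     * complex graphical components during the multi website injections.
     * At the end of the scan the default view is plugged again and the
     * scanning and stop flags are cleared, also when an entry fails with an
     * exception.
     *
     * @param urlsItemList entries to scan, each one cast to {@code ItemListScan}
     */
    public void scan(List<ItemList> urlsItemList) {
        MediatorHelper.frame().resetInterface();  // Erase everything in the view from a previous injection

        // wait for ending of ongoing interaction between two injections
        ManagerScan.pauseBetweenInjections();

        // Display result only in console
        var requestUnsubscribe = new Request();
        requestUnsubscribe.setMessage(Interaction.UNSUBSCRIBE);
        MediatorHelper.model().sendToViews(requestUnsubscribe);
        MediatorHelper.model().subscribe(new ScanListTerminal());

        MediatorHelper.model().setIsScanning(true);
        MediatorHelper.model().getResourceAccess().setScanStopped(false);

        try {
            for (ItemList urlItemList: urlsItemList) {
                if (  // detect interrupt by user to end intermediate scan
                    MediatorHelper.model().isStoppedByUser()
                    || MediatorHelper.model().getResourceAccess().isScanStopped()
                ) {
                    break;
                }

                var urlItemListScan = (ItemListScan) urlItemList;
                var beanInjection = urlItemListScan.getBeanInjection();
                // NOTE(review): the URL is logged verbatim; if entries can carry
                // credentials in the URL they end up in the console log, confirm
                LOGGER.log(LogLevelUtil.CONSOLE_INFORM, "Scanning {}", beanInjection.getUrl());

                // Use the vendor named by the entry, automatic detection when none matches
                Optional<Vendor> optionalVendor = MediatorHelper.model().getMediatorVendor().getVendors()
                    .stream()
                    .filter(vendor -> vendor.toString().equalsIgnoreCase(urlItemListScan.getBeanInjection().getVendor()))
                    .findAny();

                MediatorHelper.model().getMediatorVendor().setVendorByUser(
                    optionalVendor.orElse(MediatorHelper.model().getMediatorVendor().getAuto())
                );
                MediatorHelper.model().getMediatorUtils().getParameterUtil().controlInput(
                    beanInjection.getUrl(),
                    beanInjection.getRequest(),
                    beanInjection.getHeader(),
                    beanInjection.getMethodInstance(),
                    beanInjection.getRequestType(),
                    true
                );

                ManagerScan.pauseBetweenInjections();
            }
        } finally {
            // Get back the default view; done in finally so that a failing entry does
            // not leave the console view subscribed and the model flagged as scanning
            MediatorHelper.model().sendToViews(requestUnsubscribe);
            MediatorHelper.model().subscribe(MediatorHelper.frame().getSubscriber());

            MediatorHelper.model().setIsScanning(false);
            MediatorHelper.model().setIsStoppedByUser(false);
            MediatorHelper.model().getResourceAccess().setScanStopped(false);

            this.endProcess();
        }
    }

    /**
     * Sleep for the pause applied around injections.
     * An interruption is logged and the interrupt flag is set again, so every
     * later pause on the same thread returns immediately.
     */
    private static void pauseBetweenInjections() {
        try {
            Thread.sleep(ManagerScan.PAUSE_BETWEEN_INJECTIONS_MS);
        } catch (InterruptedException e) {
            LOGGER.log(LogLevelUtil.IGNORE, e, e);
            Thread.currentThread().interrupt();
        }
    }
}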