1 | /******************************************************************************* | |
2 | * Copyhacked (H) 2012-2025. | |
3 | * This program and the accompanying materials | |
4 | * are made available under no term at all, use it like | |
5 | * you want, but share and discuss it | |
6 | * every time possible with every body. | |
7 | * | |
8 | * Contributors: | |
9 | * ron190 at ymail dot com - initial implementation | |
10 | ******************************************************************************/ | |
11 | package com.jsql.view.swing.manager; | |
12 | ||
13 | import com.jsql.model.bean.util.Interaction; | |
14 | import com.jsql.model.bean.util.Request; | |
15 | import com.jsql.model.injection.method.AbstractMethodInjection; | |
16 | import com.jsql.model.injection.vendor.model.Vendor; | |
17 | import com.jsql.util.LogLevelUtil; | |
18 | import com.jsql.util.StringUtil; | |
19 | import com.jsql.view.scan.ScanListTerminal; | |
20 | import com.jsql.view.swing.list.*; | |
21 | import com.jsql.view.swing.manager.util.StateButton; | |
22 | import com.jsql.view.swing.util.I18nViewUtil; | |
23 | import com.jsql.view.swing.util.MediatorHelper; | |
24 | import com.jsql.view.swing.util.UiUtil; | |
25 | import org.apache.logging.log4j.LogManager; | |
26 | import org.apache.logging.log4j.Logger; | |
27 | import org.json.JSONArray; | |
28 | import org.json.JSONException; | |
29 | ||
30 | import javax.swing.*; | |
31 | import java.awt.*; | |
32 | import java.awt.event.ActionEvent; | |
33 | import java.awt.event.ActionListener; | |
34 | import java.io.BufferedReader; | |
35 | import java.io.IOException; | |
36 | import java.io.InputStreamReader; | |
37 | import java.nio.charset.StandardCharsets; | |
38 | import java.util.List; | |
39 | import java.util.Objects; | |
40 | import java.util.Optional; | |
41 | ||
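/**
 * Manager holding the list of scan targets and running an injection against
 * each selected target, one after the other.
 *
 * <p>The resource name {@code swing/list/scan-page.json} is handed to the parent
 * constructor; {@link #buildList(String)} parses such a resource into
 * {@link ItemListScan} entries.
 */
public class ManagerScan extends AbstractManagerList {

    private static final Logger LOGGER = LogManager.getRootLogger();

    public static final String NAME = "listManagerScan";

    /**
     * Create the scan manager: configure drag and drop and rendering of the
     * target list, add the bottom line holding the run button, and copy the
     * settings of the selected target into the address bar.
     */
    public ManagerScan() {
        super("swing/list/scan-page.json");

        // Clear the current handler before installing the scan-specific one
        this.listPaths.setTransferHandler(null);
        this.listPaths.setTransferHandler(new ListTransfertHandlerScan());
        this.listPaths.setCellRenderer(new DefaultListCellRenderer() {
            @Override
            public Component getListCellRendererComponent(JList<?> list, Object value, int index, boolean isSelected, boolean cellHasFocus) {
                JLabel label = (JLabel) super.getListCellRendererComponent(list, value, index, isSelected, cellHasFocus);
                ItemList itemList = (ItemList) value;
                // Targets flagged vulnerable get a green tick
                if (itemList.isVulnerable()) {
                    label.setIcon(UiUtil.TICK_GREEN.getIcon());
                }
                return label;
            }
        });

        this.listPaths.setName(ManagerScan.NAME);

        JPanel lastLine = this.getLastLinePanel();
        this.add(lastLine, BorderLayout.SOUTH);

        this.listPaths.addListSelectionListener(e -> {
            var selected = this.listPaths.getSelectedValue();
            if (selected == null) {
                return;
            }

            var beanInjection = ((ItemListScan) selected).getBeanInjection();
            var addressBar = MediatorHelper.panelAddressBar();
            addressBar.getTextFieldAddress().setText(beanInjection.getUrl());
            addressBar.getTextFieldHeader().setText(beanInjection.getHeader());
            addressBar.getTextFieldRequest().setText(beanInjection.getRequest());

            // A target without an explicit request type is displayed as GET
            String requestType = beanInjection.getRequestType();
            addressBar.getAtomicRadioMethod().setText(
                requestType != null && !requestType.isEmpty() ? requestType : StringUtil.GET
            );

            // NOTE(review): the getter names look crossed — the "request" method
            // selects the "method" radio and any other method selects the
            // "request" radio; presumably the latter is the URL radio — confirm.
            AbstractMethodInjection method = beanInjection.getMethodInstance();
            var mediatorMethod = MediatorHelper.model().getMediatorMethod();
            if (method == mediatorMethod.getHeader()) {
                addressBar.getAtomicRadioHeader().setSelected(true);
            } else if (method == mediatorMethod.getRequest()) {
                addressBar.getAtomicRadioMethod().setSelected(true);
            } else {
                addressBar.getAtomicRadioRequest().setSelected(true);
            }
        });
    }

    /**
     * Read a JSON array from a classpath resource and turn each element into an
     * {@link ItemListScan}, then create the list component from these items.
     *
     * <p>A read or parse failure is logged and leaves {@code listPaths}
     * unassigned by this method.
     *
     * @param nameFile classpath name of the JSON resource
     * @throws NullPointerException if the resource is not found on the classpath
     */
    @Override
    public void buildList(String nameFile) {
        var jsonScan = new StringBuilder();
        try (
            var inputStream = UiUtil.class.getClassLoader().getResourceAsStream(nameFile);
            var inputStreamReader = new InputStreamReader(Objects.requireNonNull(inputStream), StandardCharsets.UTF_8);
            var reader = new BufferedReader(inputStreamReader)
        ) {
            // Line breaks are dropped, which leaves the JSON structure intact
            String line;
            while ((line = reader.readLine()) != null) {
                jsonScan.append(line);
            }
            var jsonArrayScan = new JSONArray(jsonScan.toString());
            for (var i = 0; i < jsonArrayScan.length(); i++) {
                this.itemsList.add(new ItemListScan(jsonArrayScan.getJSONObject(i)));
            }
            this.listPaths = new DnDListScan(this.itemsList);
        } catch (JSONException | IOException e) {
            LOGGER.log(LogLevelUtil.CONSOLE_JAVA, e, e);
        }
    }

    /**
     * Build the bottom line of the panel: glue, progress bar and run button,
     * laid out horizontally.
     *
     * @return the transparent panel holding these components
     */
    private JPanel getLastLinePanel() {
        var lastLine = new JPanel();
        lastLine.setOpaque(false);
        lastLine.setLayout(new BoxLayout(lastLine, BoxLayout.X_AXIS));

        this.buildRunButton("SCAN_RUN_BUTTON_LABEL", "SCAN_RUN_BUTTON_TOOLTIP");
        this.run.addActionListener(new ActionScan());

        lastLine.add(this.horizontalGlue);
        lastLine.add(this.progressBar);
        lastLine.add(this.run);
        return lastLine;
    }

    /**
     * Listener of the run button: start a scan of the selected targets, or
     * request the running scan to stop.
     */
    private class ActionScan implements ActionListener {
        @Override
        public void actionPerformed(ActionEvent e) {
            if (ManagerScan.this.listPaths.getSelectedValuesList().isEmpty()) {
                LOGGER.log(LogLevelUtil.CONSOLE_ERROR, "Select URL(s) to scan");
                return;
            }
            // The work runs in a dedicated thread because scan() blocks.
            // NOTE(review): the button, progress bar and glue are updated from
            // this thread rather than from the event dispatch thread; Swing
            // components are not thread-safe — consider SwingUtilities.invokeLater.
            new Thread(() -> {
                if (ManagerScan.this.run.getState() == StateButton.STARTABLE) {
                    ManagerScan.this.run.setText(I18nViewUtil.valueByKey("SCAN_RUN_BUTTON_STOP"));
                    ManagerScan.this.run.setState(StateButton.STOPPABLE);
                    ManagerScan.this.progressBar.setVisible(true);
                    ManagerScan.this.horizontalGlue.setVisible(false);

                    // Reset every item of the list, not only the selected ones
                    DefaultListModel<ItemList> listModel = (DefaultListModel<ItemList>) ManagerScan.this.listPaths.getModel();
                    for (var i = 0; i < listModel.getSize(); i++) {
                        listModel.get(i).reset();
                    }
                    ManagerScan.this.scan(ManagerScan.this.listPaths.getSelectedValuesList());
                } else {
                    // Raise both stop flags; scan() reads them before each target
                    MediatorHelper.model().getResourceAccess().setScanStopped(true);
                    MediatorHelper.model().setIsStoppedByUser(true);
                    ManagerScan.this.run.setEnabled(false);
                    ManagerScan.this.run.setState(StateButton.STOPPING);
                }
            }, "ThreadScan").start();
        }
    }

    /**
     * Start fast scan of URLs in sequence and display result.
     * Unplug any existing view and plug a console-like view in order to
     * respond to GUI messages with simple text results instead of building
     * complex graphical components during the multi website injections.
     * At the end of the scan, including when a target raises an unchecked
     * exception, the default view is plugged again and the scanning and stop
     * flags are cleared.
     *
     * <p>The stop flags are read once before each target, so a stop request
     * does not interrupt the target in progress. The method sleeps between
     * steps and therefore blocks the calling thread. The vendor is set for each
     * target and this method does not restore the previous selection.
     *
     * @param urlsItemList targets to scan; each element is cast to {@link ItemListScan}
     */
    public void scan(List<ItemList> urlsItemList) {
        MediatorHelper.frame().resetInterface();  // Erase everything in the view from a previous injection

        // wait for ending of ongoing interaction between two injections
        ManagerScan.pauseBetweenInjections();

        var model = MediatorHelper.model();

        // Display result only in console
        var requestUnsubscribe = new Request();
        requestUnsubscribe.setMessage(Interaction.UNSUBSCRIBE);
        model.sendToViews(requestUnsubscribe);
        model.subscribe(new ScanListTerminal());

        model.setIsScanning(true);
        model.getResourceAccess().setScanStopped(false);

        try {
            for (ItemList urlItemList: urlsItemList) {
                // detect interrupt by user to end intermediate scan
                if (model.isStoppedByUser() || model.getResourceAccess().isScanStopped()) {
                    break;
                }

                var beanInjection = ((ItemListScan) urlItemList).getBeanInjection();
                LOGGER.log(LogLevelUtil.CONSOLE_INFORM, "Scanning {}", beanInjection.getUrl());

                // Use the vendor named by the target, or auto when no vendor matches
                Optional<Vendor> optionalVendor = model.getMediatorVendor().getVendors()
                    .stream()
                    .filter(vendor -> vendor.toString().equalsIgnoreCase(beanInjection.getVendor()))
                    .findAny();
                model.getMediatorVendor().setVendorByUser(
                    optionalVendor.orElse(model.getMediatorVendor().getAuto())
                );

                model.getMediatorUtils().getParameterUtil().controlInput(
                    beanInjection.getUrl(),
                    beanInjection.getRequest(),
                    beanInjection.getHeader(),
                    beanInjection.getMethodInstance(),
                    beanInjection.getRequestType(),
                    true  // NOTE(review): presumably marks the call as part of a scan — confirm
                );

                ManagerScan.pauseBetweenInjections();
            }
        } finally {
            // Get back the default view, also when a target failed, so that the
            // interface is not left in scanning state with the stop flags raised
            model.sendToViews(requestUnsubscribe);
            model.subscribe(MediatorHelper.frame().getSubscriber());

            model.setIsScanning(false);
            model.setIsStoppedByUser(false);
            model.getResourceAccess().setScanStopped(false);

            this.endProcess();
        }
    }

    /**
     * Sleep 500 ms; on interruption, log it and restore the interrupt status of
     * the current thread.
     */
    private static void pauseBetweenInjections() {
        try {
            Thread.sleep(500);
        } catch (InterruptedException e) {
            LOGGER.log(LogLevelUtil.IGNORE, e, e);
            Thread.currentThread().interrupt();
        }
    }
}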