1 | /******************************************************************************* | |
2 | * Copyhacked (H) 2012-2025. | |
3 | * This program and the accompanying materials | |
4 | * are made available under no term at all, use it like | |
5 | * you want, but share and discuss it | |
6 | * every time possible with every body. | |
7 | * | |
8 | * Contributors: | |
9 | * ron190 at ymail dot com - initial implementation | |
10 | ******************************************************************************/ | |
11 | package com.jsql.view.swing.manager; | |
12 | ||
13 | import com.jsql.model.bean.util.Interaction; | |
14 | import com.jsql.model.bean.util.Request; | |
15 | import com.jsql.model.injection.method.AbstractMethodInjection; | |
16 | import com.jsql.model.injection.vendor.model.Vendor; | |
17 | import com.jsql.util.LogLevelUtil; | |
18 | import com.jsql.util.StringUtil; | |
19 | import com.jsql.view.scan.ScanListTerminal; | |
20 | import com.jsql.view.swing.list.*; | |
21 | import com.jsql.view.swing.manager.util.StateButton; | |
22 | import com.jsql.view.swing.util.I18nViewUtil; | |
23 | import com.jsql.view.swing.util.MediatorHelper; | |
24 | import com.jsql.view.swing.util.UiUtil; | |
25 | import org.apache.logging.log4j.LogManager; | |
26 | import org.apache.logging.log4j.Logger; | |
27 | import org.json.JSONArray; | |
28 | import org.json.JSONException; | |
29 | ||
30 | import javax.swing.*; | |
31 | import java.awt.*; | |
32 | import java.awt.event.ActionEvent; | |
33 | import java.awt.event.ActionListener; | |
34 | import java.io.BufferedReader; | |
35 | import java.io.IOException; | |
36 | import java.io.InputStreamReader; | |
37 | import java.nio.charset.StandardCharsets; | |
38 | import java.util.List; | |
39 | import java.util.Objects; | |
40 | import java.util.Optional; | |
41 | ||
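/**
 * Manager holding the list of scan entries loaded from the bundled
 * {@code swing/list/scan-page.json} resource, and running a scan of the
 * selected entries in sequence.
 */
public class ManagerScan extends AbstractManagerList {

    // NOTE(review): the mutation-testing report this listing comes from marks every
    // mutant of this class NO_COVERAGE, i.e. no test currently executes these lines.

    /**
     * Log4j logger sent to view.
     */
    private static final Logger LOGGER = LogManager.getRootLogger();

    public static final String NAME = "listManagerScan";

    /** Pause, in milliseconds, before the first entry and after each scanned entry. */
    private static final long PAUSE_MILLIS = 500;

    /**
     * Create the scan list, its cell renderer, the bottom panel with the run button,
     * and the listener copying the selected entry into the address bar.
     */
    public ManagerScan() {
        super("swing/list/scan-page.json");

        // NOTE(review): listPaths is dereferenced right away; buildList() leaves it
        // unassigned when the resource cannot be parsed — confirm the superclass contract.
        this.listPaths.setTransferHandler(null);
        this.listPaths.setTransferHandler(new ListTransfertHandlerScan());
        this.listPaths.setCellRenderer(new DefaultListCellRenderer() {
            @Override
            public Component getListCellRendererComponent(JList<?> list, Object value, int index, boolean isSelected, boolean cellHasFocus) {
                JLabel label = (JLabel) super.getListCellRendererComponent(list, value, index, isSelected, cellHasFocus);
                ItemList itemList = (ItemList) value;
                // Entries flagged vulnerable get a green tick icon
                if (itemList.isVulnerable()) {
                    label.setIcon(UiUtil.TICK_GREEN.getIcon());
                }
                return label;
            }
        });

        this.listPaths.setName(ManagerScan.NAME);

        JPanel lastLine = this.getLastLinePanel();
        this.add(lastLine, BorderLayout.SOUTH);

        // Mirror the selected entry (URL, header, request, method) into the address bar
        this.listPaths.addListSelectionListener(e -> {
            if (this.listPaths.getSelectedValue() == null) {
                return;
            }

            var beanInjection = ((ItemListScan) this.listPaths.getSelectedValue()).getBeanInjection();
            var addressBar = MediatorHelper.panelAddressBar();
            addressBar.getTextFieldAddress().setText(beanInjection.getUrl());
            addressBar.getTextFieldHeader().setText(beanInjection.getHeader());
            addressBar.getTextFieldRequest().setText(beanInjection.getRequest());

            // Fall back to GET when the entry does not define a request type
            String requestType = beanInjection.getRequestType();
            if (requestType != null && !requestType.isEmpty()) {
                addressBar.getAtomicRadioMethod().setText(requestType);
            } else {
                addressBar.getAtomicRadioMethod().setText(StringUtil.GET);
            }

            AbstractMethodInjection method = beanInjection.getMethodInstance();
            if (method == MediatorHelper.model().getMediatorMethod().getHeader()) {
                addressBar.getAtomicRadioHeader().setSelected(true);
            } else if (method == MediatorHelper.model().getMediatorMethod().getRequest()) {
                addressBar.getAtomicRadioMethod().setSelected(true);
            } else {
                addressBar.getAtomicRadioRequest().setSelected(true);
            }
        });
    }

    /**
     * Read a JSON array from a classpath resource and turn each element into an
     * {@link ItemListScan}, then create the list component from those items.
     *
     * <p>{@link JSONException} and {@link IOException} are logged and swallowed; in
     * that case {@code listPaths} is not assigned by this method. A missing resource
     * is not caught: {@link Objects#requireNonNull(Object)} throws
     * {@link NullPointerException}.
     *
     * @param nameFile classpath location of the JSON resource
     */
    @Override
    public void buildList(String nameFile) {
        var jsonScan = new StringBuilder();
        try (
            var inputStream = UiUtil.class.getClassLoader().getResourceAsStream(nameFile);
            var inputStreamReader = new InputStreamReader(Objects.requireNonNull(inputStream), StandardCharsets.UTF_8);
            var reader = new BufferedReader(inputStreamReader)
        ) {
            // Lines are concatenated without separators before parsing
            String line;
            while ((line = reader.readLine()) != null) {
                jsonScan.append(line);
            }
            var jsonArrayScan = new JSONArray(jsonScan.toString());
            for (var i = 0 ; i < jsonArrayScan.length() ; i++) {
                this.itemsList.add(new ItemListScan(jsonArrayScan.getJSONObject(i)));
            }
            this.listPaths = new DnDListScan(this.itemsList);
        } catch (JSONException | IOException e) {
            LOGGER.log(LogLevelUtil.CONSOLE_JAVA, e, e);
        }
    }

    /**
     * Build the bottom panel: glue, progress bar and the run button wired to
     * {@link ActionScan}.
     *
     * @return the assembled panel
     */
    private JPanel getLastLinePanel() {
        var lastLine = new JPanel();
        lastLine.setOpaque(false);
        lastLine.setLayout(new BoxLayout(lastLine, BoxLayout.X_AXIS));

        this.buildRunButton("SCAN_RUN_BUTTON_LABEL", "SCAN_RUN_BUTTON_TOOLTIP");
        this.run.addActionListener(new ActionScan());

        lastLine.add(this.horizontalGlue);
        lastLine.add(this.progressBar);
        lastLine.add(this.run);
        return lastLine;
    }

    /**
     * Run button handler: starts a scan of the selected entries when the button is
     * startable, otherwise requests the running scan to stop.
     */
    private class ActionScan implements ActionListener {
        @Override
        public void actionPerformed(ActionEvent e) {
            if (ManagerScan.this.listPaths.getSelectedValuesList().isEmpty()) {
                LOGGER.log(LogLevelUtil.CONSOLE_ERROR, "Select URL(s) to scan");
                return;
            }
            // NOTE(review): the lambda below runs on the "ThreadScan" thread, not on the
            // event dispatch thread, yet it mutates Swing components (run, progressBar,
            // horizontalGlue). Consider moving those updates to the EDT.
            new Thread(() -> {
                if (ManagerScan.this.run.getState() == StateButton.STARTABLE) {
                    ManagerScan.this.run.setText(I18nViewUtil.valueByKey("SCAN_RUN_BUTTON_STOP"));
                    ManagerScan.this.run.setState(StateButton.STOPPABLE);
                    ManagerScan.this.progressBar.setVisible(true);
                    ManagerScan.this.horizontalGlue.setVisible(false);

                    // Reset every entry of the list, not only the selected ones
                    DefaultListModel<ItemList> listModel = (DefaultListModel<ItemList>) ManagerScan.this.listPaths.getModel();
                    for (var i = 0 ; i < listModel.getSize() ; i++) {
                        listModel.get(i).reset();
                    }
                    ManagerScan.this.scan(ManagerScan.this.listPaths.getSelectedValuesList());
                } else {
                    // Flags polled by scan() at the start of each iteration
                    MediatorHelper.model().getResourceAccess().setScanStopped(true);
                    MediatorHelper.model().setIsStoppedByUser(true);
                    ManagerScan.this.run.setEnabled(false);
                    ManagerScan.this.run.setState(StateButton.STOPPING);
                }
            }, "ThreadScan").start();
        }
    }

    /**
     * Start fast scan of URLs in sequence and display result.
     * Unplug any existing view and plug a console-like view in order to
     * respond appropriately to GUI message with simple text result instead of
     * build complex graphical components during the multi website injections.
     * At the end of the scan it plugs again the default view, also when an
     * entry fails with an unchecked exception, so that the model is not left
     * in scanning state with the console view still subscribed.
     *
     * @param urlsItemList entries to scan; each element is cast to {@link ItemListScan}
     */
    public void scan(List<ItemList> urlsItemList) {
        MediatorHelper.frame().resetInterface();  // Erase everything in the view from a previous injection

        // wait for ending of ongoing interaction between two injections
        ManagerScan.pause();

        // Display result only in console
        var requestUnsubscribe = new Request();
        requestUnsubscribe.setMessage(Interaction.UNSUBSCRIBE);
        MediatorHelper.model().sendToViews(requestUnsubscribe);

        try {
            MediatorHelper.model().subscribe(new ScanListTerminal());

            MediatorHelper.model().setIsScanning(true);
            MediatorHelper.model().getResourceAccess().setScanStopped(false);

            for (ItemList urlItemList: urlsItemList) {
                if (  // detect interrupt by user to end intermediate scan
                    MediatorHelper.model().isStoppedByUser()
                    || MediatorHelper.model().getResourceAccess().isScanStopped()
                ) {
                    break;
                }

                var beanInjection = ((ItemListScan) urlItemList).getBeanInjection();
                LOGGER.log(LogLevelUtil.CONSOLE_INFORM, "Scanning {}", beanInjection.getUrl());

                // Use the vendor named by the entry, or automatic detection when none matches
                Optional<Vendor> optionalVendor = MediatorHelper.model().getMediatorVendor().getVendors()
                    .stream()
                    .filter(vendor -> vendor.toString().equalsIgnoreCase(beanInjection.getVendor()))
                    .findAny();

                MediatorHelper.model().getMediatorVendor().setVendorByUser(
                    optionalVendor.orElse(MediatorHelper.model().getMediatorVendor().getAuto())
                );
                MediatorHelper.model().getMediatorUtils().getParameterUtil().controlInput(
                    beanInjection.getUrl(),
                    beanInjection.getRequest(),
                    beanInjection.getHeader(),
                    beanInjection.getMethodInstance(),
                    beanInjection.getRequestType(),
                    true
                );

                ManagerScan.pause();
            }
        } finally {
            // Get back the default view
            MediatorHelper.model().sendToViews(requestUnsubscribe);
            MediatorHelper.model().subscribe(MediatorHelper.frame().getSubscriber());

            MediatorHelper.model().setIsScanning(false);
            MediatorHelper.model().setIsStoppedByUser(false);
            MediatorHelper.model().getResourceAccess().setScanStopped(false);

            this.endProcess();
        }
    }

    /**
     * Sleep for {@link #PAUSE_MILLIS}; an interruption is logged at IGNORE level
     * and the thread's interrupt flag is restored.
     */
    private static void pause() {
        try {
            Thread.sleep(ManagerScan.PAUSE_MILLIS);
        } catch (InterruptedException e) {
            LOGGER.log(LogLevelUtil.IGNORE, e, e);
            Thread.currentThread().interrupt();
        }
    }
}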