View Javadoc
1   package com.jsql.model.injection.strategy.blind;
2   
3   import com.jsql.model.injection.strategy.blind.patch.Diff;
4   import com.jsql.model.injection.strategy.blind.patch.DiffMatchPatch;
5   
6   import java.util.LinkedList;
7   import java.util.List;
8   import java.util.concurrent.CopyOnWriteArrayList;
9   
10  /**
11   * Define a call HTTP to the server, require the associated url, character
12   * position and bit. Opcodes represent the differences between
13   * the reference page, and the resulting page.
14   */
15  public class CallableCharInsertion extends AbstractCallableBinary<CallableCharInsertion> {
16      
17      // List of differences found between the reference page, and the present page
18      private LinkedList<Diff> opcodes = new LinkedList<>();
19      
20      private static final DiffMatchPatch DIFF_MATCH_PATCH = new DiffMatchPatch();
21  
22      private final InjectionCharInsertion injectionCharInsertion;
23      
24      private final String metadataInjectionProcess;
25      
26      /**
27       * Constructor for preparation and blind confirmation.
28       */
29      public CallableCharInsertion(String inj, InjectionCharInsertion injectionCharInsertion, String metadataInjectionProcess) {
30          this.injectionCharInsertion = injectionCharInsertion;
31          this.metadataInjectionProcess = metadataInjectionProcess;
32          this.booleanUrl = inj;
33      }
34  
35      /**
36       * Check if a result page means the SQL query is true,
37       * confirm that nothing in the resulting page is also defined
38       * in the pages from every FALSE SQL queries.
39       * @return true if the current SQL query is true
40       */
41      @Override
42      public boolean isTrue() {
43          // Fix #95422: ConcurrentModificationException on iterator.next()
44          List<Diff> copyTrueMarks = new CopyOnWriteArrayList<>(this.injectionCharInsertion.getConstantTrueMark());
45          for (Diff trueDiff: copyTrueMarks) {
46              if (!this.opcodes.contains(trueDiff)) {
47                  return false;
48              }
49          }
50          return true;
51      }
52  
53      /**
54       * Process the URL HTTP call, use function inject() from the model.
55       * Build the list of differences found between TRUE and the current page.
56       * @return Functional Blind Callable
57       */
58      @Override
59      public CallableCharInsertion call() {
60          String source = this.injectionCharInsertion.callUrl(this.booleanUrl, this.metadataInjectionProcess, this);
61          
62          this.opcodes = CallableCharInsertion.DIFF_MATCH_PATCH.diffMain(
63              this.injectionCharInsertion.getBlankFalseMark(),
64              source,
65              false
66          );
67  
68          CallableCharInsertion.DIFF_MATCH_PATCH.diffCleanupEfficiency(this.opcodes);
69          return this;
70      }
71      
72      public List<Diff> getOpcodes() {
73          return this.opcodes;
74      }
75  }