View Javadoc
1   package com.jsql.model.injection.strategy.blind;
2   
3   import com.jsql.model.InjectionModel;
4   import com.jsql.model.injection.strategy.blind.AbstractInjectionBinary.BinaryMode;
5   
6   import java.util.Calendar;
7   import java.util.Date;
8   
9   /**
10   * Define a call HTTP to the server, require the associated url, character position and bit.
11   * diffSeconds represents the response time of the current page
12   */
13  public class CallableTime extends AbstractCallableBinary<CallableTime> {
14      
15      /**
16       * Time before the url call.
17       */
18      private final Calendar calendarOnStart = Calendar.getInstance();
19      
20      /**
21       * Time at the end of the url call.
22       */
23      private final Calendar calendarOnEnd = Calendar.getInstance();
24      
25      /**
26       * Current page loading time.
27       */
28      private long diffSeconds;
29  
30      private final InjectionModel injectionModel;
31      
32      private final InjectionTime injectionTime;
33      private final String metadataInjectionProcess;
34      
35      /**
36       * Constructor for preparation and blind confirmation.
37       */
38      public CallableTime(
39          String sqlQuery,
40          InjectionModel injectionModel,
41          InjectionTime injectionTime,
42          BinaryMode blindMode,
43          String metadataInjectionProcess
44      ) {
45          this.injectionModel = injectionModel;
46          this.injectionTime = injectionTime;
47          this.metadataInjectionProcess = metadataInjectionProcess;
48          this.booleanUrl = this.injectionModel.getMediatorVendor().getVendor().instance().sqlTimeTest(sqlQuery, blindMode);
49      }
50      
51      /**
52       * Constructor for bit test.
53       */
54      public CallableTime(
55          String sqlQuery,
56          int indexCharacter,
57          int bit,
58          InjectionModel injectionModel,
59          InjectionTime injectionTime,
60          BinaryMode blindMode,
61          String metadataInjectionProcess
62      ) {
63          this(sqlQuery, injectionModel, injectionTime, blindMode, metadataInjectionProcess);
64          this.booleanUrl = this.injectionModel.getMediatorVendor().getVendor().instance().sqlBitTestTime(sqlQuery, indexCharacter, bit, blindMode);
65          this.currentIndex = indexCharacter;
66          this.currentBit = bit;
67      }
68      
69      @Override
70      public boolean isTrue() {
71          return this.diffSeconds < this.injectionTime.getSleepTime();
72      }
73  
74      /**
75       * Process the URL HTTP call, use function inject() from the model.
76       * Calculate the response time of the current page.
77       * @return Functional Time callable
78       */
79      @Override
80      public CallableTime call() {
81          this.calendarOnStart.setTime(new Date());
82          this.injectionTime.callUrl(this.booleanUrl, this.metadataInjectionProcess, this);
83          this.calendarOnEnd.setTime(new Date());
84          
85          long timeInMillisOnStart = this.calendarOnStart.getTimeInMillis();
86          long timeInMillisOnEnd = this.calendarOnEnd.getTimeInMillis();
87          long diff = timeInMillisOnEnd - timeInMillisOnStart;
88          
89          this.diffSeconds = diff / 1000;
90          return this;
91      }
92  }