View Javadoc
1   package com.jsql.model.injection.strategy.blind.callable;
2   
3   import com.jsql.model.InjectionModel;
4   import com.jsql.model.injection.strategy.blind.AbstractInjectionBit.BlindOperator;
5   import com.jsql.model.injection.strategy.blind.InjectionTime;
6   
7   import java.util.Calendar;
8   import java.util.Date;
9   
10  /**
11   * Define a call HTTP to the server, require the associated url, character position and bit.
12   * diffSeconds represents the response time of the current page
13   */
14  public class CallableTime extends AbstractCallableBit<CallableTime> {
15      
16      /**
17       * Time before the url call.
18       */
19      private final Calendar calendarOnStart = Calendar.getInstance();
20      
21      /**
22       * Time at the end of the url call.
23       */
24      private final Calendar calendarOnEnd = Calendar.getInstance();
25      
26      /**
27       * Current page loading time.
28       */
29      private long diffSeconds;
30  
31      private final InjectionModel injectionModel;
32      
33      private final InjectionTime injectionTime;
34      private final String metadataInjectionProcess;
35      
36      /**
37       * Constructor for preparation and blind confirmation.
38       */
39      public CallableTime(
40          String sqlQuery,
41          InjectionModel injectionModel,
42          InjectionTime injectionTime,
43          BlindOperator blindMode,
44          String metadataInjectionProcess
45      ) {
46          this.injectionModel = injectionModel;
47          this.injectionTime = injectionTime;
48          this.metadataInjectionProcess = metadataInjectionProcess;
49          this.booleanUrl = this.injectionModel.getMediatorVendor().getVendor().instance().sqlTestTimeWithOperator(sqlQuery, blindMode);
50      }
51      
52      /**
53       * Constructor for bit test.
54       */
55      public CallableTime(
56          String sqlQuery,
57          int indexChar,
58          int bit,
59          InjectionModel injectionModel,
60          InjectionTime injectionTime,
61          BlindOperator blindMode,
62          String metadataInjectionProcess
63      ) {
64          this(sqlQuery, injectionModel, injectionTime, blindMode, metadataInjectionProcess);
65          this.booleanUrl = this.injectionModel.getMediatorVendor().getVendor().instance().sqlTimeBit(sqlQuery, indexChar, bit, blindMode);
66          this.currentIndex = indexChar;
67          this.currentBit = bit;
68      }
69      
70      @Override
71      public boolean isTrue() {
72          return this.diffSeconds < this.injectionTime.getSleepTime();
73      }
74  
75      /**
76       * Process the URL HTTP call, use function inject() from the model.
77       * Calculate the response time of the current page.
78       * @return Functional Time callable
79       */
80      @Override
81      public CallableTime call() {
82          this.calendarOnStart.setTime(new Date());
83          this.injectionTime.callUrl(this.booleanUrl, this.metadataInjectionProcess, this);
84          this.calendarOnEnd.setTime(new Date());
85          
86          long timeInMillisOnStart = this.calendarOnStart.getTimeInMillis();
87          long timeInMillisOnEnd = this.calendarOnEnd.getTimeInMillis();
88          long diff = timeInMillisOnEnd - timeInMillisOnStart;
89          
90          this.diffSeconds = diff / 1000;
91          return this;
92      }
93  }