View Javadoc
1   package com.jsql.model.suspendable;
2   
3   import com.jsql.model.InjectionModel;
4   import com.jsql.model.bean.util.Header;
5   import com.jsql.model.bean.util.Interaction;
6   import com.jsql.model.bean.util.Request;
7   import com.jsql.model.exception.JSqlRuntimeException;
8   import com.jsql.model.exception.StoppedByUserSlidingException;
9   import com.jsql.model.injection.strategy.blind.AbstractInjectionBit;
10  import com.jsql.model.injection.strategy.blind.InjectionVendor;
11  import com.jsql.util.LogLevelUtil;
12  import org.apache.commons.lang3.StringUtils;
13  import org.apache.logging.log4j.LogManager;
14  import org.apache.logging.log4j.Logger;
15  
16  import java.util.EnumMap;
17  import java.util.Map;
18  import java.util.concurrent.atomic.AtomicBoolean;
19  
20  public class SuspendableGetVendor extends AbstractSuspendable {
21  
22      private static final Logger LOGGER = LogManager.getRootLogger();
23  
24      public SuspendableGetVendor(InjectionModel injectionModel) {
25          super(injectionModel);
26      }
27  
28      @Override
29      public String run(Object... args) {
30          LOGGER.log(LogLevelUtil.CONSOLE_DEFAULT, "Fingerprinting database with Boolean match...");
31  
32          AtomicBoolean isVendorFound = new AtomicBoolean(false);
33          this.injectionModel.getMediatorVendor().getVendorsForFingerprint()
34          .stream()
35          .filter(vendor -> vendor != this.injectionModel.getMediatorVendor().getAuto())
36          .filter(vendor -> StringUtils.isNotEmpty(
37              vendor.instance().getModelYaml().getStrategy().getConfiguration().getFingerprint().getVendorSpecific()
38          ))
39          .forEach(vendor -> {
40              if (isVendorFound.get()) {
41                  return;
42              }
43              String vendorSpecificWithOperator = String.format(
44                  "%s %s",
45                  AbstractInjectionBit.BlindOperator.OR.name(),
46                  vendor.instance().getModelYaml().getStrategy().getConfiguration().getFingerprint().getVendorSpecific()
47              );
48              try {
49                  var injectionCharInsertion = new InjectionVendor(this.injectionModel, vendorSpecificWithOperator, vendor);
50                  if (injectionCharInsertion.isInjectable(vendorSpecificWithOperator)) {
51                      if (this.isSuspended()) {
52                          throw new StoppedByUserSlidingException();
53                      }
54  
55                      LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, "Found [{}] using Boolean match", vendor);
56                      this.injectionModel.getMediatorVendor().setVendor(vendor);
57                      isVendorFound.set(true);
58  
59                      var requestSetVendor = new Request();
60                      requestSetVendor.setMessage(Interaction.SET_VENDOR);
61                      Map<Header, Object> msgHeader = new EnumMap<>(Header.class);
62                      msgHeader.put(Header.URL, this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlByUser());
63                      msgHeader.put(Header.VENDOR, this.injectionModel.getMediatorVendor().getVendor());
64                      requestSetVendor.setParameters(msgHeader);
65                      this.injectionModel.sendToViews(requestSetVendor);
66                  }
67              } catch (StoppedByUserSlidingException e) {
68                  throw new JSqlRuntimeException(e);
69              }
70          });
71          return null;  // unused
72      }
73  }