View Javadoc
1   package com.jsql.model.suspendable;
2   
3   import com.jsql.model.InjectionModel;
4   import com.jsql.model.bean.util.Header;
5   import com.jsql.model.bean.util.Interaction;
6   import com.jsql.model.bean.util.Request;
7   import com.jsql.model.exception.JSqlRuntimeException;
8   import com.jsql.model.exception.StoppedByUserSlidingException;
9   import com.jsql.model.injection.strategy.blind.AbstractInjectionBinary;
10  import com.jsql.model.injection.strategy.blind.InjectionVendor;
11  import com.jsql.util.LogLevelUtil;
12  import org.apache.commons.lang3.StringUtils;
13  import org.apache.logging.log4j.LogManager;
14  import org.apache.logging.log4j.Logger;
15  
16  import java.util.EnumMap;
17  import java.util.Map;
18  import java.util.concurrent.atomic.AtomicBoolean;
19  
20  public class SuspendableGetVendor extends AbstractSuspendable {
21  
22      /**
23       * Log4j logger sent to view.
24       */
25      private static final Logger LOGGER = LogManager.getRootLogger();
26  
27      public SuspendableGetVendor(InjectionModel injectionModel) {
28          super(injectionModel);
29      }
30  
31      @Override
32      public String run(Object... args) {
33          LOGGER.log(LogLevelUtil.CONSOLE_DEFAULT, "Fingerprinting vendor with Boolean match...");
34  
35          AtomicBoolean isVendorFound = new AtomicBoolean(false);
36          this.injectionModel.getMediatorVendor().getVendors()
37          .stream()
38          .filter(vendor -> vendor != this.injectionModel.getMediatorVendor().getAuto())
39          .filter(vendor -> StringUtils.isNotEmpty(
40              vendor.instance().getModelYaml().getStrategy().getConfiguration().getFingerprint().getVendorSpecific()
41          ))
42          .forEach(vendor -> {
43              if (isVendorFound.get()) {
44                  return;
45              }
46              String vendorSpecificWithMode = String.format(
47                  "%s %s",
48                  AbstractInjectionBinary.BinaryMode.OR.name(),
49                  vendor.instance().getModelYaml().getStrategy().getConfiguration().getFingerprint().getVendorSpecific()
50              );
51              try {
52                  var injectionCharInsertion = new InjectionVendor(this.injectionModel, vendorSpecificWithMode, vendor);
53                  if (injectionCharInsertion.isInjectable(vendorSpecificWithMode)) {
54  
55                      if (this.isSuspended()) {
56                          throw new StoppedByUserSlidingException();
57                      }
58  
59                      LOGGER.log(LogLevelUtil.CONSOLE_SUCCESS, "Found vendor [{}] using Boolean match", vendor);
60                      this.injectionModel.getMediatorVendor().setVendor(vendor);
61                      isVendorFound.set(true);
62  
63                      var requestSetVendor = new Request();
64                      requestSetVendor.setMessage(Interaction.SET_VENDOR);
65                      Map<Header, Object> msgHeader = new EnumMap<>(Header.class);
66                      msgHeader.put(Header.URL, this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlByUser());
67                      msgHeader.put(Header.VENDOR, this.injectionModel.getMediatorVendor().getVendor());
68                      requestSetVendor.setParameters(msgHeader);
69                      this.injectionModel.sendToViews(requestSetVendor);
70                  }
71              } catch (StoppedByUserSlidingException e) {
72                  throw new JSqlRuntimeException(e);
73              }
74          });
75          return null;
76      }
77  }