1 package com.jsql.view.swing.panel.preferences;
2
3 import com.jsql.view.swing.panel.PanelPreferences;
4 import com.jsql.view.swing.panel.preferences.listener.SpinnerMouseWheelListener;
5 import com.jsql.view.swing.text.JPopupTextField;
6 import com.jsql.view.swing.text.listener.DocumentListenerEditing;
7 import com.jsql.view.swing.util.MediatorHelper;
8
9 import javax.swing.*;
10 import java.awt.*;
11 import java.awt.event.ActionListener;
12 import java.util.Arrays;
13 import java.util.stream.Stream;
14
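/**
 * Preferences panel for the connection layer: network options (redirection, HTTP/2,
 * response decoding, connection test, thread limit, timeout) and session options
 * (cookies, CSRF token processing, custom CSRF token names).
 *
 * <p>Initial values are read from the preferences exposed by {@code MediatorHelper.model()}.
 * Every control forwards its changes to the save listener of the {@link PanelPreferences}
 * passed to the constructor.
 *
 * <p>The spinner models cap the request rate settings: 1 to 100 threads and a timeout of
 * 1 to 30 seconds. Stored values outside these ranges are clamped when the panel is built,
 * because {@link SpinnerNumberModel} rejects an initial value outside its bounds with an
 * {@link IllegalArgumentException}, which would otherwise prevent the panel from opening.
 */
public class PanelConnection extends JPanel {

    public static final String CHECKBOX_IS_FOLLOWING_REDIRECTION = "checkboxIsFollowingRedirection";

    // Bounds and fallback of the connection timeout spinner, in seconds.
    private static final int TIMEOUT_SECONDS_MIN = 1;
    private static final int TIMEOUT_SECONDS_MAX = 30;
    private static final int TIMEOUT_SECONDS_FALLBACK = 15;

    // Bounds and fallback of the thread limit spinner.
    private static final int THREADS_MIN = 1;
    private static final int THREADS_MAX = 100;
    // NOTE(review): the label next to the spinner reads "default 5 threads" while the fallback
    // used for a non-positive stored value is 10; one of the two is stale, confirm which.
    private static final int THREADS_FALLBACK = 10;

    private final JCheckBox checkboxIsFollowingRedirection = new JCheckBox("Follow redirection", MediatorHelper.model().getMediatorUtils().preferencesUtil().isFollowingRedirection());
    private final JCheckBox checkboxIsHttp2Disabled = new JCheckBox("Disable HTTP/2", MediatorHelper.model().getMediatorUtils().preferencesUtil().isHttp2Disabled());
    private final JCheckBox checkboxIsNotTestingConnection = new JCheckBox("Disable connection test", MediatorHelper.model().getMediatorUtils().preferencesUtil().isNotTestingConnection());
    private final JCheckBox checkboxIsNotProcessingCookies = new JCheckBox("Disable session cookies", MediatorHelper.model().getMediatorUtils().preferencesUtil().isNotProcessingCookies());
    private final JCheckBox checkboxIsProcessingCsrf = new JCheckBox("Process CSRF token (search for XSRF-TOKEN/.../_csrf ; then set X-XSRF-TOKEN/.../_csrf)", MediatorHelper.model().getMediatorUtils().preferencesUtil().isProcessingCsrf());
    private final JCheckBox checkboxIsLimitingThreads = new JCheckBox("Limit processing threads:", MediatorHelper.model().getMediatorUtils().preferencesUtil().isLimitingThreads());
    private final JCheckBox checkboxIsConnectionTimeout = new JCheckBox("Set timeout:", MediatorHelper.model().getMediatorUtils().preferencesUtil().isConnectionTimeout());
    private final JCheckBox checkboxIsUnicodeDecodeDisabled = new JCheckBox("Disable Unicode decoding in response", MediatorHelper.model().getMediatorUtils().preferencesUtil().isUnicodeDecodeDisabled());
    private final JCheckBox checkboxIsUrlDecodeDisabled = new JCheckBox("Disable Url decoding in response", MediatorHelper.model().getMediatorUtils().preferencesUtil().isUrlDecodeDisabled());

    private final JSpinner spinnerLimitingThreads = new JSpinner();
    private final JSpinner spinnerConnectionTimeout = new JSpinner();

    private final JCheckBox checkboxIsCsrfUserTag = new JCheckBox("Custom CSRF:", MediatorHelper.model().getMediatorUtils().preferencesUtil().isCsrfUserTag());
    // NOTE(review): both token names are free text typed by the user; the code that writes them
    // into a request is not visible here, confirm it rejects CR/LF before using them as header names.
    private final JTextField textfieldCustomCsrfInputToken = new JPopupTextField(MediatorHelper.model().getMediatorUtils().preferencesUtil().csrfUserTag()).getProxy();
    private final JTextField textfieldCustomCsrfOutputToken = new JPopupTextField(MediatorHelper.model().getMediatorUtils().preferencesUtil().csrfUserTagOutput()).getProxy();

    /**
     * Builds the panel, wires every control to the save listener and lays the rows out
     * in a single column.
     *
     * @param panelPreferences parent preferences panel providing the save listener
     */
    public PanelConnection(PanelPreferences panelPreferences) {
        this.initTooltips();

        // Looked up on each event, as the inline lambdas did, rather than captured once.
        Runnable triggerSave = () -> panelPreferences.getActionListenerSave().actionPerformed(null);

        // The row is sized from the spinner's preferred height before the model is installed.
        var panelConnectionTimeout = PanelConnection.buildSpinnerRow(
            "Close connection after ",
            this.spinnerConnectionTimeout,
            " s ; default 15s"
        );
        this.spinnerConnectionTimeout.setModel(new SpinnerNumberModel(
            PanelConnection.initialSpinnerValue(
                MediatorHelper.model().getMediatorUtils().preferencesUtil().countConnectionTimeout(),
                PanelConnection.TIMEOUT_SECONDS_FALLBACK,
                PanelConnection.TIMEOUT_SECONDS_MIN,
                PanelConnection.TIMEOUT_SECONDS_MAX
            ),
            PanelConnection.TIMEOUT_SECONDS_MIN,
            PanelConnection.TIMEOUT_SECONDS_MAX,
            1
        ));
        this.spinnerConnectionTimeout.addMouseWheelListener(new SpinnerMouseWheelListener());
        this.spinnerConnectionTimeout.addChangeListener(e -> triggerSave.run());

        var panelThreadCount = PanelConnection.buildSpinnerRow(
            "Use ",
            this.spinnerLimitingThreads,
            " thread(s) ; default 5 threads"
        );
        this.spinnerLimitingThreads.setModel(new SpinnerNumberModel(
            PanelConnection.initialSpinnerValue(
                MediatorHelper.model().getMediatorUtils().preferencesUtil().countLimitingThreads(),
                PanelConnection.THREADS_FALLBACK,
                PanelConnection.THREADS_MIN,
                PanelConnection.THREADS_MAX
            ),
            PanelConnection.THREADS_MIN,
            PanelConnection.THREADS_MAX,
            1
        ));
        this.spinnerLimitingThreads.addMouseWheelListener(new SpinnerMouseWheelListener());
        this.spinnerLimitingThreads.addChangeListener(e -> triggerSave.run());

        var panelCsrfUserTagInput = PanelConnection.buildTokenRow("Input token to find ", this.textfieldCustomCsrfInputToken);
        var panelCsrfUserTagOutput = PanelConnection.buildTokenRow("Output token to write ", this.textfieldCustomCsrfOutputToken);

        PanelConnection.saveOnEdit(this.textfieldCustomCsrfInputToken, panelPreferences);
        PanelConnection.saveOnEdit(this.textfieldCustomCsrfOutputToken, panelPreferences);

        // NOTE(review): the save listener is also registered on this checkbox in the Stream
        // below, so a single toggle reaches the save listener twice.
        ActionListener actionListenerNotProcessingCookies = actionEvent -> {
            this.syncCsrfControlsWithCookieOption();
            triggerSave.run();
        };
        this.checkboxIsNotProcessingCookies.addActionListener(actionListenerNotProcessingCookies);
        this.syncCsrfControlsWithCookieOption();

        Stream.of(
            this.checkboxIsFollowingRedirection,
            this.checkboxIsHttp2Disabled,
            this.checkboxIsUnicodeDecodeDisabled,
            this.checkboxIsUrlDecodeDisabled,
            this.checkboxIsNotTestingConnection,
            this.checkboxIsProcessingCsrf,
            this.checkboxIsCsrfUserTag,
            this.checkboxIsNotProcessingCookies,
            this.checkboxIsLimitingThreads,
            this.checkboxIsConnectionTimeout
        )
        .forEach(button -> button.addActionListener(panelPreferences.getActionListenerSave()));

        this.initComponentNames();

        var labelOrigin = new JLabel("<html><b>Network settings</b></html>");
        var labelSessionManagement = new JLabel("<html><br /><b>Session and Cookie management</b></html>");
        Arrays.asList(labelOrigin, labelSessionManagement)
            .forEach(label -> label.setBorder(PanelGeneral.MARGIN));

        // Rows in display order; the same order drives both layout axes.
        var rows = new JComponent[] {
            labelOrigin,
            this.checkboxIsFollowingRedirection,
            this.checkboxIsHttp2Disabled,
            this.checkboxIsUnicodeDecodeDisabled,
            this.checkboxIsUrlDecodeDisabled,
            this.checkboxIsNotTestingConnection,
            this.checkboxIsLimitingThreads,
            panelThreadCount,
            this.checkboxIsConnectionTimeout,
            panelConnectionTimeout,
            labelSessionManagement,
            this.checkboxIsNotProcessingCookies,
            this.checkboxIsProcessingCsrf,
            this.checkboxIsCsrfUserTag,
            panelCsrfUserTagInput,
            panelCsrfUserTagOutput
        };

        var groupLayout = new GroupLayout(this);
        this.setLayout(groupLayout);

        var horizontalRows = groupLayout.createParallelGroup(GroupLayout.Alignment.LEADING, false);
        var verticalRows = groupLayout.createSequentialGroup();
        for (JComponent row : rows) {
            // One column horizontally; vertically each row sits in its own baseline group.
            horizontalRows.addComponent(row);
            verticalRows.addGroup(
                groupLayout
                .createParallelGroup(GroupLayout.Alignment.BASELINE)
                .addComponent(row)
            );
        }
        groupLayout.setHorizontalGroup(groupLayout.createSequentialGroup().addGroup(horizontalRows));
        groupLayout.setVerticalGroup(verticalRows);
    }

    /** Sets the tooltip of every checkbox. */
    private void initTooltips() {
        this.checkboxIsFollowingRedirection.setToolTipText(
            "<html>HTTP 3XX response indicates page's location has changed.<br>" +
            "Redirect automatically to the new location.</html>"
        );
        this.checkboxIsHttp2Disabled.setToolTipText("<html>Some website works with HTTP/1.1 only.<br>Disable HTTP/2 in favor of HTTP/1.1.</html>");
        this.checkboxIsUnicodeDecodeDisabled.setToolTipText(
            "<html>Unicode entities \\uXXXX are decoded to raw characters by default.<br>" +
            "Check to disable this behavior.</html>"
        );
        this.checkboxIsUrlDecodeDisabled.setToolTipText(
            "<html>Url entities %XX are decoded to raw characters by default.<br>" +
            "Check to disable this behavior.</html>"
        );
        this.checkboxIsNotTestingConnection.setToolTipText(
            "<html>Connectivity to target is checked first to stop when target is dead, like with 404 Not Found.<br>"
            + "Check option to process with injection whatever problem exists.</html>"
        );
        this.checkboxIsNotProcessingCookies.setToolTipText(
            "<html>Cookies persist data between connections.<br>" +
            "Sometimes persisted data like user's session is messing with injection and have to be ignored.</html>"
        );
        this.checkboxIsLimitingThreads.setToolTipText(
            "<html>Various tasks are processed in parallel to save time.<br>"
            + "Target that detects too much calls during a period can close the connection,<br>"
            + "in that case it helps lowering threads or keeping a single thread.</html>"
        );
        this.checkboxIsConnectionTimeout.setToolTipText("End connection when target takes this long to answer, it can be lowered down to save time in some cases.");
        this.checkboxIsProcessingCsrf.setToolTipText(
            "<html>Search for common CSRF tokens in response header and body.<br>" +
            "Inject back the value in the query, header and request body.</html>"
        );
        this.checkboxIsCsrfUserTag.setToolTipText(
            "<html>Process custom CSRF.<br>" +
            "Read value from input token and write value to output token.</html>"
        );
    }

    /** Assigns the Swing component name of every checkbox. */
    private void initComponentNames() {
        this.checkboxIsFollowingRedirection.setName(PanelConnection.CHECKBOX_IS_FOLLOWING_REDIRECTION);
        this.checkboxIsHttp2Disabled.setName("checkboxIsHttp2Disabled");
        this.checkboxIsUnicodeDecodeDisabled.setName("checkboxIsUnicodeDecodeDisabled");
        this.checkboxIsUrlDecodeDisabled.setName("checkboxIsUrlDecodeDisabled");
        this.checkboxIsNotTestingConnection.setName("checkboxIsNotTestingConnection");
        this.checkboxIsProcessingCsrf.setName("checkboxIsProcessingCsrf");
        this.checkboxIsCsrfUserTag.setName("checkboxIsCsrfUserTag");
        this.checkboxIsNotProcessingCookies.setName("checkboxIsNotProcessingCookies");
        this.checkboxIsLimitingThreads.setName("checkboxIsLimitingThreads");
        this.checkboxIsConnectionTimeout.setName("checkboxIsConnectionTimeout");
    }

    /** Enables the CSRF controls only while "Disable session cookies" is unchecked. */
    private void syncCsrfControlsWithCookieOption() {
        boolean isProcessingCookies = !this.checkboxIsNotProcessingCookies.isSelected();
        this.checkboxIsProcessingCsrf.setEnabled(isProcessingCookies);
        this.textfieldCustomCsrfInputToken.setEnabled(isProcessingCookies);
        this.textfieldCustomCsrfOutputToken.setEnabled(isProcessingCookies);
        this.checkboxIsCsrfUserTag.setEnabled(isProcessingCookies);
    }

    /**
     * Picks the initial spinner value: the fallback for a non-positive stored value,
     * otherwise the stored value limited to the model bounds.
     */
    private static int initialSpinnerValue(int storedValue, int fallbackValue, int minimum, int maximum) {
        int candidate = storedValue <= 0 ? fallbackValue : storedValue;
        return Math.max(minimum, Math.min(maximum, candidate));
    }

    /** Builds a horizontal "prefix [spinner] suffix" row, 125px wide at most. */
    private static JPanel buildSpinnerRow(String prefix, JSpinner spinner, String suffix) {
        var row = new JPanel();
        row.setLayout(new BoxLayout(row, BoxLayout.X_AXIS));
        row.add(new JLabel(prefix));
        row.add(spinner);
        row.add(new JLabel(suffix));
        row.setMaximumSize(new Dimension(125, spinner.getPreferredSize().height));
        return row;
    }

    /** Builds a "label [text field]" row, 450px wide at most and as tall as its own field. */
    private static JPanel buildTokenRow(String label, JTextField field) {
        var row = new JPanel();
        row.setLayout(new BoxLayout(row, BoxLayout.LINE_AXIS));
        row.add(new JLabel(label));
        row.add(field);
        // Each row uses its own field's height; the output row previously read the input field's.
        row.setMaximumSize(new Dimension(450, field.getPreferredSize().height));
        return row;
    }

    /** Invokes the save listener whenever the field's document is edited. */
    private static void saveOnEdit(JTextField field, PanelPreferences panelPreferences) {
        field.getDocument().addDocumentListener(new DocumentListenerEditing() {
            @Override
            public void process() {
                panelPreferences.getActionListenerSave().actionPerformed(null);
            }
        });
    }


    // Getters

    /** @return the "Follow redirection" checkbox */
    public JCheckBox getCheckboxIsFollowingRedirection() {
        return this.checkboxIsFollowingRedirection;
    }

    /** @return the "Disable HTTP/2" checkbox */
    public JCheckBox getCheckboxIsHttp2Disabled() {
        return this.checkboxIsHttp2Disabled;
    }

    /** @return the "Disable Unicode decoding in response" checkbox */
    public JCheckBox getCheckboxIsUnicodeDecodeDisabled() {
        return this.checkboxIsUnicodeDecodeDisabled;
    }

    /** @return the "Disable Url decoding in response" checkbox */
    public JCheckBox getCheckboxIsUrlDecodeDisabled() {
        return this.checkboxIsUrlDecodeDisabled;
    }

    /** @return the "Disable connection test" checkbox */
    public JCheckBox getCheckboxIsNotTestingConnection() {
        return this.checkboxIsNotTestingConnection;
    }

    /** @return the "Disable session cookies" checkbox */
    public JCheckBox getCheckboxIsNotProcessingCookies() {
        return this.checkboxIsNotProcessingCookies;
    }

    /** @return the "Process CSRF token" checkbox */
    public JCheckBox getCheckboxIsProcessingCsrf() {
        return this.checkboxIsProcessingCsrf;
    }

    /** @return the "Limit processing threads:" checkbox */
    public JCheckBox getCheckboxIsLimitingThreads() {
        return this.checkboxIsLimitingThreads;
    }

    /** @return the thread limit spinner, bounded to 1..100 */
    public JSpinner getSpinnerLimitingThreads() {
        return this.spinnerLimitingThreads;
    }

    /** @return the "Set timeout:" checkbox */
    public JCheckBox getCheckboxIsConnectionTimeout() {
        return this.checkboxIsConnectionTimeout;
    }

    /** @return the connection timeout spinner, bounded to 1..30 seconds */
    public JSpinner getSpinnerConnectionTimeout() {
        return this.spinnerConnectionTimeout;
    }

    /** @return the "Custom CSRF:" checkbox */
    public JCheckBox getCheckboxIsCsrfUserTag() {
        return this.checkboxIsCsrfUserTag;
    }

    /** @return the text field holding the custom CSRF input token name */
    public JTextField getTextfieldCsrfUserTag() {
        return this.textfieldCustomCsrfInputToken;
    }

    /** @return the text field holding the custom CSRF output token name */
    public JTextField getTextfieldCsrfUserTagOutput() {
        return this.textfieldCustomCsrfOutputToken;
    }
}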