-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge DB2 database support for SQL injection, file exec and thread ki…
…ll functionality.
- Loading branch information
Showing
23 changed files
with
1,428 additions
and
376 deletions.
There are no files selected for viewing
90 changes: 90 additions & 0 deletions
90
src/main/java/com/waratek/spiracle/file/FileExecServlet.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
/* | ||
* Copyright 2014 Waratek Ltd. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package com.waratek.spiracle.file; | ||
|
||
import java.io.BufferedReader; | ||
import java.io.BufferedWriter; | ||
import java.io.DataInputStream; | ||
import java.io.File; | ||
import java.io.FileWriter; | ||
import java.io.IOException; | ||
import java.io.InputStream; | ||
import java.io.InputStreamReader; | ||
import java.io.OutputStream; | ||
import java.util.Scanner; | ||
|
||
import javax.servlet.ServletException; | ||
import javax.servlet.annotation.WebServlet; | ||
import javax.servlet.http.HttpServlet; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
import javax.servlet.http.HttpSession; | ||
|
||
import org.apache.log4j.Logger; | ||
|
||
/** | ||
* Servlet implementation class FileServlet | ||
*/ | ||
@WebServlet("/FileExecServlet") | ||
public class FileExecServlet extends HttpServlet { | ||
|
||
private static final Logger logger = Logger.getLogger(FileExecServlet.class); | ||
private static final long serialVersionUID = 1L; | ||
|
||
private static final String LINE_SEPARATOR = System.getProperty("line.separator"); | ||
|
||
/** | ||
* @see HttpServlet#HttpServlet() | ||
*/ | ||
public FileExecServlet() { | ||
super(); | ||
// TODO Auto-generated constructor stub | ||
} | ||
|
||
/** | ||
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse | ||
* response) | ||
*/ | ||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
/** | ||
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse | ||
* response) | ||
*/ | ||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
private void executeRequest(HttpServletRequest request, HttpServletResponse response) throws IOException { | ||
HttpSession session = request.getSession(); | ||
|
||
String command = request.getParameter("cmd"); | ||
|
||
Process p = Runtime.getRuntime().exec(command); | ||
InputStream in = p.getInputStream(); | ||
BufferedReader br = new BufferedReader(new InputStreamReader(p.getInputStream())); | ||
StringBuilder stringBuilder = new StringBuilder(); | ||
String line; | ||
while ((line = br.readLine()) != null) { | ||
stringBuilder.append(line).append(LINE_SEPARATOR); | ||
} | ||
session.setAttribute("fileContents", stringBuilder.toString()); | ||
|
||
response.sendRedirect("file.jsp"); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
65 changes: 65 additions & 0 deletions
65
src/main/java/com/waratek/spiracle/misc/GetThreadStack.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
package com.waratek.spiracle.misc; | ||
|
||
import java.io.IOException; | ||
import java.util.ArrayList; | ||
import java.util.Arrays; | ||
import java.util.List; | ||
import java.util.Map; | ||
import java.util.Set; | ||
import java.util.logging.Level; | ||
import java.util.logging.Logger; | ||
import javax.servlet.ServletException; | ||
import javax.servlet.annotation.WebServlet; | ||
import javax.servlet.http.HttpServlet; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
import javax.servlet.http.HttpSession; | ||
|
||
/** | ||
* | ||
* @author skenny | ||
*/ | ||
@WebServlet("/GetThreadStack") | ||
public class GetThreadStack extends HttpServlet { | ||
|
||
private static final org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(GetThreadStack.class); | ||
private static final long serialVersionUID = 1L; | ||
|
||
@Override | ||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
@Override | ||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
private void executeRequest(HttpServletRequest request, HttpServletResponse response) throws IOException { | ||
try { | ||
HttpSession session = request.getSession(); | ||
String threadName = request.getParameter("threadName"); | ||
|
||
Map<Thread, StackTraceElement[]> stacktraceMap = Thread.getAllStackTraces(); | ||
Set<Thread> threadSet = stacktraceMap.keySet(); | ||
|
||
List<StackTraceElement> stackTrace = null; | ||
for (Thread thread : threadSet.toArray(new Thread[threadSet.size()])) { | ||
if (thread.getName().equals(threadName)) { | ||
logger.info("Found thread: " + threadName + ". Getting Stack Trace."); | ||
stackTrace = new ArrayList<StackTraceElement>(Arrays.asList(stacktraceMap.get(thread))); | ||
} | ||
} | ||
|
||
session.setAttribute("stackTrace", stackTrace); | ||
session.setAttribute("threadName", threadName); | ||
response.sendRedirect("misc.jsp"); | ||
|
||
} catch (SecurityException ex) { | ||
Logger.getLogger(GetThreadStack.class.getName()).log(Level.SEVERE, null, ex); | ||
} catch (IllegalArgumentException ex) { | ||
Logger.getLogger(GetThreadStack.class.getName()).log(Level.SEVERE, null, ex); | ||
} | ||
|
||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
package com.waratek.spiracle.misc; | ||
|
||
import java.io.IOException; | ||
import java.util.Set; | ||
import java.util.logging.Level; | ||
import java.util.logging.Logger; | ||
import javax.servlet.ServletException; | ||
import javax.servlet.annotation.WebServlet; | ||
import javax.servlet.http.HttpServlet; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
|
||
@WebServlet("/ThreadKill") | ||
public class ThreadKill extends HttpServlet { | ||
|
||
private static final org.apache.log4j.Logger logger = org.apache.log4j.Logger.getLogger(ThreadKill.class); | ||
private static final long serialVersionUID = 1L; | ||
|
||
@Override | ||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
@Override | ||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
private void executeRequest(HttpServletRequest request, HttpServletResponse response) { | ||
try { | ||
String[] threadNames = request.getParameterValues("threadNames"); | ||
|
||
Set<Thread> threadSet = Thread.getAllStackTraces().keySet(); | ||
Thread[] threadArray = threadSet.toArray(new Thread[threadSet.size()]); | ||
|
||
for (String threadName : threadNames) { | ||
for (Thread thread : threadArray) { | ||
if (thread.getName().equals(threadName)) { | ||
logger.info(thread); | ||
thread.stop(); | ||
} | ||
} | ||
} | ||
response.sendRedirect("misc.jsp"); | ||
} catch (SecurityException ex) { | ||
Logger.getLogger(ThreadKill.class.getName()).log(Level.SEVERE, null, ex); | ||
} catch (IllegalArgumentException ex) { | ||
Logger.getLogger(ThreadKill.class.getName()).log(Level.SEVERE, null, ex); | ||
} catch (IOException ex) { | ||
Logger.getLogger(ThreadKill.class.getName()).log(Level.SEVERE, null, ex); | ||
} | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
80 changes: 80 additions & 0 deletions
80
src/main/java/com/waratek/spiracle/sql/servlet/db2/Db2_Get_Union.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
/* | ||
* Copyright 2014 Waratek Ltd. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
package com.waratek.spiracle.sql.servlet.db2; | ||
|
||
import java.io.IOException; | ||
import java.util.ArrayList; | ||
import java.util.List; | ||
import java.util.Map; | ||
|
||
import javax.servlet.ServletContext; | ||
import javax.servlet.ServletException; | ||
import javax.servlet.annotation.WebServlet; | ||
import javax.servlet.http.HttpServlet; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
|
||
import com.waratek.spiracle.sql.servlet.util.ParameterNullFix; | ||
import com.waratek.spiracle.sql.util.SelectUtil; | ||
|
||
/** | ||
* Servlet implementation class Get_Union | ||
*/ | ||
@WebServlet("/Db2_Get_Union") | ||
public class Db2_Get_Union extends HttpServlet { | ||
private static final long serialVersionUID = 1L; | ||
|
||
/** | ||
* @see HttpServlet#HttpServlet() | ||
*/ | ||
public Db2_Get_Union() { | ||
super(); | ||
// TODO Auto-generated constructor stub | ||
} | ||
|
||
/** | ||
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) | ||
*/ | ||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
/** | ||
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) | ||
*/ | ||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
executeRequest(request, response); | ||
} | ||
|
||
private void executeRequest(HttpServletRequest request, HttpServletResponse response) throws IOException { | ||
ServletContext application = this.getServletConfig().getServletContext(); | ||
List<String> queryStringList = new ArrayList<String>(); | ||
queryStringList.add("id"); | ||
|
||
Map<String, String> nullSanitizedMap = ParameterNullFix.sanitizeNull(queryStringList, request); | ||
|
||
String id = nullSanitizedMap.get("id"); | ||
|
||
String sql = "SELECT name, surname FROM spiracle.users WHERE id = " + id + " UNION SELECT address_1, address_2 FROM spiracle.address WHERE id = " + id; | ||
|
||
Boolean showErrors = true; | ||
Boolean allResults = true; | ||
Boolean showOutput = true; | ||
|
||
SelectUtil.executeQuery(sql, application, request, response, showErrors, allResults, showOutput); | ||
} | ||
|
||
} |
Oops, something went wrong.