Método de execute alterado para SQLINJECTION, faltando apenas o método de StoredProcedure
bmattoso committed Feb 9, 2015
1 parent fa6443e commit cb8220c
Showing 18 changed files with 133 additions and 60 deletions.
60 changes: 52 additions & 8 deletions injectIt/src/main/java/com/dextra/injectit/database/Database.java
@@ -1,11 +1,15 @@
package com.dextra.injectit.database;

import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import sun.security.provider.ConfigFile.Spi;

public class Database {

private Database() {
Expand All @@ -19,23 +23,63 @@ private static Connection getConnection() {
}
}

public static ResultSet executeStoredPrcedure(String spCalled, Object... parameters){
Connection conn = getConnection();
CallableStatement cs = null;

try {
cs = conn.prepareCall(spCalled);
if (parameters != null)
for (int parameterIndex = 0; parameterIndex < parameters.length; ++parameterIndex){
cs.setObject(parameterIndex + 1, parameters[parameterIndex]);
}
System.out.println(cs.toString());
if (cs.execute())
return cs.executeQuery();
else
return null;
} catch (SQLException e) {

throw new RuntimeException(e);

} finally {
try {
if (cs != null) {
cs.close();
}
conn.close();
} catch (SQLException e) {
throw new RuntimeException(e);
}
}
}

public static ResultSet execute(String sql, Object... objects) {
Connection conn = getConnection();
Statement s = null;
PreparedStatement ps = null;

try {
s = conn.createStatement();
if (s.execute(sql)) {
return s.getResultSet();
} else {
System.out.println(sql);
ps = conn.prepareStatement(sql);

// Set the parameters
if (objects != null)
for (int parameterIndex = 0; parameterIndex < objects.length; ++parameterIndex){
ps.setObject(parameterIndex + 1, objects[parameterIndex]);
}

if (ps.execute())
return ps.getResultSet();
else
return null;
}

} catch (SQLException e) {
e.printStackTrace();
throw new RuntimeException(e);
} finally {
try {
if (s != null) {
s.close();
if (ps != null) {
ps.close();
}
conn.close();
} catch (SQLException e) {
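Review bot: `execute` sends the raw `sql` through `Statement.execute(sql)` before it ever prepares it, so a parameterized call such as the servlet's `Database.execute("SELECT * FROM USER WHERE NAME = ?", names)` reaches the database with a bare `?`, and the `PreparedStatement` branch that binds `objects` is only reached for statements that return no result set — which are then executed a second time, as `MockDatabase.execute()` will do with its `CREATE TABLE` and `CREATE PROCEDURE` strings. The binding path should be the only path; a rewrite is below. In `executeStoredPrcedure` the `cs.execute()` / `cs.executeQuery()` pair likewise runs the procedure twice; once `execute()` has returned true, `cs.getResultSet()` is the result of that single call. Both methods close the statement and the connection in `finally` before handing back the `ResultSet`, which the caller then cannot iterate; the remainder of that `finally` block and the original `execute` body lie outside the hunk. The new `import sun.security.provider.ConfigFile.Spi;` is unused and names a JDK-internal class.
```java
public static ResultSet execute(String sql, Object... objects) {
    Connection conn = getConnection();
    PreparedStatement ps = null;

    try {
        // Every parameter is bound through PreparedStatement; the raw text is never executed as-is.
        ps = conn.prepareStatement(sql);
        if (objects != null) {
            for (int parameterIndex = 0; parameterIndex < objects.length; ++parameterIndex) {
                ps.setObject(parameterIndex + 1, objects[parameterIndex]);
            }
        }
        return ps.execute() ? ps.getResultSet() : null;
    } catch (SQLException e) {
        throw new RuntimeException(e);
    } finally {
        // … unchanged: close ps and conn …
    }
}
```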
Expand Up @@ -8,6 +8,14 @@ public static void execute() {
+ "password VARCHAR(100) NOT NULL, "
+ "creditCardNumber VARCHAR(12) NOT NULL)";
Database.execute(create);

String sp = "CREATE PROCEDURE sp_getUser "
+ "(@user VARCHAR(100)) "
+ "AS "
+ "BEGIN "
+ "SELECT * FROM USER WHERE NAME = @user "
+ "END";
Database.execute(sp);

insertUser("Guilherme", "EuAmoGatinhos", "123456789012");
insertUser("Bruno", "LaFooon", "187456779012");
Expand Up @@ -12,6 +12,7 @@
import javax.servlet.http.HttpServletResponse;

import com.dextra.injectit.database.Database;
import com.dextra.injectit.database.MockDatabase;
import com.dextra.injectit.database.User;
import com.google.gson.Gson;

Expand Down Expand Up @@ -66,9 +67,11 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp)

// Nome dos usuario pesquisado
String name = req.getParameter("name");
String[] names = new String[1];
names[0] = name;

String query = "SELECT * FROM USER WHERE NAME = '" + name + "'";
ResultSet users = Database.execute(query);
String query = "SELECT * FROM USER WHERE NAME = ?";
ResultSet users = Database.execute(query,names);

ArrayList<User> searchedUsers = new ArrayList<User>();
try {
Expand All @@ -93,13 +96,19 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
public static void main(String[] args) {
/////////////////
// TESTE DE SQL INJECTION
try {
MockDatabase.execute();


String query = "{call sp_getUser(?)}";

Object []objs = new Object [1];
objs[0] = "Jefferson";

ResultSet users = Database.executeStoredPrcedure(query, objs);

String query = "SELECT * FROM USER WHERE NAME = ?";
ResultSet users = Database.execute(query);
ArrayList<User> searchedUsers = new ArrayList<User>();

ArrayList<User> searchedUsers = new ArrayList<User>();
try {

while (users.next()){
searchedUsers.add(new User(users.getString(1),users.getString(2),users.getString(3)));
Expand All @@ -108,7 +117,7 @@ public static void main(String[] args) {
Gson gson = new Gson();
System.out.println(gson.toJson(searchedUsers));

} catch (SQLException e) {
} catch (Exception e) {
e.printStackTrace();
}
}
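Review bot: In `doPost` the `String[] names` wrapper is unnecessary for a varargs parameter and obscures that `name` is null when the request carries no `name` parameter, in which case the null goes straight into `setObject`; `Database.execute(query, name)` binds the same value, and a guard such as `if (name == null) { resp.sendError(HttpServletResponse.SC_BAD_REQUEST); return; }` before the query keeps the null out of the bind (how the driver treats a null bind is not visible here). In the `main` hunk further down, widening `catch (SQLException e)` to `catch (Exception e)` with only `printStackTrace()` turns every failure, including the `RuntimeException` that `Database` wraps SQL errors in, into a printed trace followed by a normal exit, so the harness no longer fails when the lookup does. Both `doPost` and `main` begin outside their hunks.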
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file modified injectIt/target/injectIt-1.0-SNAPSHOT.war
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
7 changes: 5 additions & 2 deletions injectIt/target/injectIt-1.0-SNAPSHOT/index.html
Expand Up @@ -2,14 +2,17 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<script src="http://code.jquery.com/jquery-2.1.3.js"
type="text/javascript"></script>
</head>
<body>
<label for="search">Nome:</label>
<input type="text" id="search" name="search" />
<input type="button" value="Pesquisar" id="pesquisar" />
<div id="usuarios">
</div>

<script src="http://code.jquery.com/jquery-2.1.3.js" type="text/javascript"></script>
<script src="js/index.js" type="text/javascript"></script>
<script src="js/doT.js" type="text/javascript"></script>

</body>
</html>
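Review bot: The page still loads jQuery from `http://code.jquery.com/jquery-2.1.3.js` over plain HTTP and without an `integrity` attribute, so the script can be altered in transit before it runs in the browser; moving the tag to the end of `<body>` does not change that. Serve the library from the application itself, as `js/index.js` and `js/doT.js` already are, or at minimum use `https://` together with an `integrity`/`crossorigin` pair. Since this file lives under `target/`, the fix presumably belongs in the source webapp copy that is not in this view.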
45 changes: 28 additions & 17 deletions injectIt/target/injectIt-1.0-SNAPSHOT/js/index.js
@@ -1,18 +1,29 @@
$.ajax({
url : 'api/usuarios',
type : "GET",
}).done(function(resp) {
$("#usuarios").html(resp);
});
$(document).ready(function(){
$.ajax({
type : 'GET',
url : 'api/usuarios',
dataType : 'json'
}).success(function(strJson) {
$.get('templates/template.html').done(function(template) {
$('#usuarios').html(doT.template(template)(strJson));
});
})
});

$("#pesquisar").click(function() {
$.ajax({
url : 'api/usuarios',
type : "GET",
data : {
name : $("#search").val()
}
}).done(function(resp) {
$("#usuarios").html(resp);
});
});
$('#pesquisar').click(function() {

$.ajax({
url : 'api/usuarios',
type : 'POST',
data : {
name : $('#search').val()
},
dataType : 'json'
}).done(function(resp) {
console.info(resp);
$.get('templates/template.html',function (template){
$("#usuarios").html(doT.template(template)(resp));
}, "html");

});
});
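Review bot: The `$(document).ready` request issues a `GET` to `api/usuarios` with no `.fail` handler, and the access log added in this same commit records that endpoint answering `405` to `GET`, so the initial render silently shows nothing. Either issue the same `POST` the search button uses or add `.fail(function(xhr) { console.error(xhr.status); })` so the failure is visible. `.success()` is also the deprecated alias of `.done()` on the jqXHR object; `.done` is already used in the click handler below and should be used here too. The `console.info(resp)` in the click handler looks like leftover debugging output.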
12 changes: 7 additions & 5 deletions injectIt/target/injectIt-1.0-SNAPSHOT/templates/template.html
Expand Up @@ -6,12 +6,14 @@
<th>Numero do cartao: </th>
</tr>
</thead>
<tbody>
{{~it : client}}
<tbody>
{{console.info(it);}}
{{~it :user}}
<tr>
<td>{{=client.name}}</td>
<td>{{=client.password}}</td>
<td>{{=client.creditCardNumber}}</td>
{{console.info();}}
<td>{{=user.name}}</td>
<td>{{=user.password}}</td>
<td>{{=user.creditCardNumber}}</td>
</tr>
{{~}}
</tbody>
2 changes: 1 addition & 1 deletion injectIt/target/maven-archiver/pom.properties
@@ -1,5 +1,5 @@
#Generated by Maven
#Fri Feb 06 13:33:32 BRST 2015
#Sun Feb 08 22:05:57 BRST 2015
version=1.0-SNAPSHOT
groupId=com.dextra.injectIt
artifactId=injectIt
@@ -1,11 +1,5 @@
<<<<<<< HEAD
com/dextra/injectit/servlets/InjectServlet.class
com/dextra/injectit/database/MockDatabase.class
com/dextra/injectit/database/User.class
com/dextra/injectit/booter/ContextListener.class
=======
com/dextra/injectit/database/MockDatabase.class
>>>>>>> a83373cb29646b4fd9576b44d0ae4a4128cd7637
com/dextra/injectit/database/Database.class
com/dextra/injectit/booter/ContextListener.class
com/dextra/injectit/servlets/InjectServlet.class
com/dextra/injectit/database/User.class
@@ -1,13 +1,5 @@
<<<<<<< HEAD
/home/bruno.goncalves/Documentos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/Database.java
/home/bruno.goncalves/Documentos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/booter/ContextListener.java
/home/bruno.goncalves/Documentos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/MockDatabase.java
/home/bruno.goncalves/Documentos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/User.java
/home/bruno.goncalves/Documentos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/servlets/InjectServlet.java
=======
/home/vinicius.moreti/projetos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/MockDatabase.java
/home/vinicius.moreti/projetos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/Database.java
/home/vinicius.moreti/projetos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/User.java
/home/vinicius.moreti/projetos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/booter/ContextListener.java
/home/vinicius.moreti/projetos/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/servlets/InjectServlet.java
>>>>>>> a83373cb29646b4fd9576b44d0ae4a4128cd7637
/home/bruno/Documents/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/User.java
/home/bruno/Documents/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/MockDatabase.java
/home/bruno/Documents/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/database/Database.java
/home/bruno/Documents/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/booter/ContextListener.java
/home/bruno/Documents/desafio_buzz_woody/injectIt/src/main/java/com/dextra/injectit/servlets/InjectServlet.java
10 changes: 10 additions & 0 deletions injectIt/target/tomcat/logs/access_log.2015-02-08
@@ -0,0 +1,10 @@
127.0.0.1 - - [08/Feb/2015:22:34:56 -0200] "GET / HTTP/1.1" 404 - http-bio-8080-exec-1 0
127.0.0.1 - - [08/Feb/2015:22:35:05 -0200] "GET /injectIt HTTP/1.1" 302 - http-bio-8080-exec-2 0
127.0.0.1 - - [08/Feb/2015:22:35:05 -0200] "GET /injectIt/ HTTP/1.1" 200 582 http-bio-8080-exec-3 215
127.0.0.1 - - [08/Feb/2015:22:35:05 -0200] "GET /injectIt/js/index.js HTTP/1.1" 200 597 http-bio-8080-exec-4 7
127.0.0.1 - - [08/Feb/2015:22:35:05 -0200] "GET /injectIt/js/doT.js HTTP/1.1" 200 5163 http-bio-8080-exec-5 31
127.0.0.1 - - [08/Feb/2015:22:35:06 -0200] "GET /injectIt/api/usuarios HTTP/1.1" 405 1065 http-bio-8080-exec-7 4
127.0.0.1 - - [08/Feb/2015:22:35:10 -0200] "POST /injectIt/api/usuarios HTTP/1.1" 200 12 http-bio-8080-exec-8 58
127.0.0.1 - - [08/Feb/2015:22:35:10 -0200] "GET /injectIt/templates/template.html HTTP/1.1" 200 296 http-bio-8080-exec-9 27
127.0.0.1 - - [08/Feb/2015:22:35:14 -0200] "POST /injectIt/api/usuarios HTTP/1.1" 200 84 http-bio-8080-exec-10 10
127.0.0.1 - - [08/Feb/2015:22:54:04 -0200] "GET /help/topic/com.vmware.ICbase/images/vmware_favicon.ico HTTP/1.1" 404 - http-bio-8080-exec-2 0
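Review bot: This adds a Tomcat access log under `injectIt/target/tomcat/logs/`, and the same commit updates the built `.war`, `pom.properties` and the Maven status lists under `target/` (whose old side still carried `<<<<<<< HEAD` conflict markers), all of which are build output rather than source. Adding `target/` to `.gitignore` and removing it from the index keeps runtime logs and conflict-resolution noise out of history; a request log in particular records every URL the server received and should not be versioned.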
