class Ronin::SQL::Injection

Represents a SQL injection (SQLi).

@api public

@see en.wikipedia.org/wiki/SQL_injection

Constants

PLACE_HOLDERS

Default place holder values.

Attributes

escape[R]

The type of element to escape out of

expression[R]

The expression that will be injected

Public Class Methods

new(options={}, &block)

Initializes a new SQL injection.

@param [Hash] options

Additional injection options.

@option options [:integer, :decimal, :string, :column] :escape (:integer)

The type of element to escape out of.

@option options [Boolean] :terminate

Specifies whether to terminate the SQLi with a comment.

@option options [String, Symbol, Integer] :place_holder

Place-holder data.

@yield [(injection)]

If a block is given, it will be evaluated within the injection.
If the block accepts an argument, the block will be called with the
new injection.

@yieldparam [Injection] injection

The new injection.
Calls superclass method.

# File lib/ronin/sql/injection.rb, line 80
def initialize(options={},&block)
  @escape       = options.fetch(:escape,:integer)

  place_holder = options.fetch(:place_holder) do
    PLACE_HOLDERS.fetch(@escape)
  end

  @expression = InjectionExpr.new(place_holder)

  super(&block)
end

Public Instance Methods

and(&block)

Appends an `AND` expression to the injection.

@yield [(expr)]

The return value of the block will be used as the right-hand side
operand.  If the block accepts an argument, it will be called with
the injection.

@yieldparam [InjectionExpr] expr

@return [self]

# File lib/ronin/sql/injection.rb, line 104
def and(&block)
  @expression.and(&block)
  return self
end

or(&block)

Appends an `OR` expression to the injection.

@yield [(expr)]

The return value of the block will be used as the right-hand side
operand. If the block accepts an argument, it will be called with
the injection expression.

@yieldparam [InjectionExpr] expr

@return [self]

# File lib/ronin/sql/injection.rb, line 121
def or(&block)
  @expression.or(&block)
  return self
end

to_sql(options={})

Converts the SQL injection to SQL.

@param [Hash] options

Additional options for {Emitter#initialize}.

@option options [Boolean] :terminate

Specifies whether to terminate the injection with `;--`.

@return [String]

The raw SQL.

# File lib/ronin/sql/injection.rb, line 138
def to_sql(options={})
  emitter = emitter(options)
  sql     = @expression.to_sql(options)

  unless clauses.empty?
    sql << emitter.space << emitter.emit_clauses(clauses)
  end

  unless statements.empty?
    sql << ';' << emitter.space << emitter.emit_statement_list(self)
  end

  case @escape
  when :string, :list
    if (options[:terminate] || (sql[0,1] != sql[-1,1]))
      # terminate the expression
      sql << ';--'
    else
      sql = sql[0..-2]
    end

    # balance the quotes
    sql = sql[1..-1]
  else
    if options[:terminate]
      # terminate the expression
      sql << ';--'
    end
  end

  return sql
end
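The quote handling in `to_sql` above relies on the application interpolating the value into a `'...'` literal. The following is an added example, not part of ronin-sql, that looks at the same mechanics from the defender's side: it wraps a submitted parameter value in single quotes the way an interpolating query would, lexes the result (treating `''` as the SQL escape for a literal quote), and reports any text that ends up outside the string literal. The helper names and the sample values are constructed for this example.

```ruby
# Added example (not ronin-sql code): detect values that would break out of
# a single-quoted SQL literal when interpolated into "... = '#{value}'".

# Returns the text that would sit outside string literals, or nil when the
# value stays inside one literal. Doubled quotes ('') are the SQL escape for
# a literal quote and are kept inside the string.
def escaped_sql(value)
  text    = "'#{value}'"   # what an interpolating query would build
  outside = +""
  in_str  = false
  i       = 0
  while i < text.length
    ch = text[i]
    if in_str
      if ch == "'"
        if text[i + 1] == "'"   # '' inside a literal: escaped quote, skip it
          i += 1
        else
          in_str = false        # literal closed
        end
      end
    elsif ch == "'"
      in_str = true             # literal opened
    else
      outside << ch             # SQL outside any literal
    end
    i += 1
  end
  # A quote that never closes (e.g. after a ';--' terminator) is also a tell.
  outside << " <unterminated literal>" if in_str
  outside.strip.empty? ? nil : outside.strip
end

# True when the value escapes the literal it was meant to stay inside.
def escapes_literal?(value)
  !escaped_sql(value).nil?
end

# Constructed sample parameter values, as they might appear decoded in a log.
if __FILE__ == $0
  ["alice", "O''Brien", "1' AND 'a'='a", "1';--"].each do |v|
    puts "#{v.inspect}: #{escaped_sql(v).inspect}"
  end
end
```

The balanced form produced for `:string` escapes (leading quote stripped, trailing quote dropped) keeps the quote count even, so counting quotes in isolation would miss it; lexing the value in its quoted context catches both the balanced and the `;--`-terminated shapes.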