ronin-code-sql 2.0.0.beta1 → 2.1.0

Files changed (58) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ruby.yml +15 -0
  3. data/.rubocop.yml +13 -0
  4. data/.yardopts +1 -1
  5. data/ChangeLog.md +10 -1
  6. data/Gemfile +4 -0
  7. data/README.md +26 -16
  8. data/Rakefile +1 -0
  9. data/gemspec.yml +3 -3
  10. data/lib/ronin/code/sql/binary_expr.rb +35 -2
  11. data/lib/ronin/code/sql/clause.rb +19 -8
  12. data/lib/ronin/code/sql/clauses.rb +17 -15
  13. data/lib/ronin/code/sql/emittable.rb +9 -2
  14. data/lib/ronin/code/sql/emitter.rb +65 -26
  15. data/lib/ronin/code/sql/field.rb +31 -6
  16. data/lib/ronin/code/sql/fields.rb +1 -1
  17. data/lib/ronin/code/sql/function.rb +15 -4
  18. data/lib/ronin/code/sql/functions.rb +3 -15
  19. data/lib/ronin/code/sql/injection.rb +4 -4
  20. data/lib/ronin/code/sql/injection_expr.rb +1 -1
  21. data/lib/ronin/code/sql/literal.rb +17 -2
  22. data/lib/ronin/code/sql/literals.rb +1 -1
  23. data/lib/ronin/code/sql/mixin.rb +95 -0
  24. data/lib/ronin/code/sql/operators.rb +1 -1
  25. data/lib/ronin/code/sql/statement.rb +14 -3
  26. data/lib/ronin/code/sql/statement_list.rb +1 -1
  27. data/lib/ronin/code/sql/statements.rb +1 -1
  28. data/lib/ronin/code/sql/unary_expr.rb +24 -2
  29. data/lib/ronin/code/sql/version.rb +3 -3
  30. data/lib/ronin/code/sql.rb +5 -64
  31. data/lib/ronin/code/sqli.rb +30 -0
  32. data/ronin-code-sql.gemspec +5 -5
  33. metadata +10 -51
  34. data/spec/spec_helper.rb +0 -3
  35. data/spec/sql/binary_expr_examples.rb +0 -25
  36. data/spec/sql/binary_expr_spec.rb +0 -5
  37. data/spec/sql/clause_examples.rb +0 -43
  38. data/spec/sql/clause_spec.rb +0 -31
  39. data/spec/sql/clauses_spec.rb +0 -47
  40. data/spec/sql/emittable_spec.rb +0 -41
  41. data/spec/sql/emitter_spec.rb +0 -533
  42. data/spec/sql/field_spec.rb +0 -103
  43. data/spec/sql/fields_spec.rb +0 -40
  44. data/spec/sql/function_examples.rb +0 -30
  45. data/spec/sql/function_spec.rb +0 -25
  46. data/spec/sql/functions_spec.rb +0 -113
  47. data/spec/sql/injection_expr_spec.rb +0 -98
  48. data/spec/sql/injection_spec.rb +0 -172
  49. data/spec/sql/literal_spec.rb +0 -5
  50. data/spec/sql/literals_spec.rb +0 -46
  51. data/spec/sql/operators_spec.rb +0 -44
  52. data/spec/sql/statement_examples.rb +0 -39
  53. data/spec/sql/statement_list_spec.rb +0 -48
  54. data/spec/sql/statement_spec.rb +0 -38
  55. data/spec/sql/statements_spec.rb +0 -22
  56. data/spec/sql/unary_expr_examples.rb +0 -20
  57. data/spec/sql/unary_expr_spec.rb +0 -5
  58. data/spec/sql_spec.rb +0 -18
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -29,22 +29,33 @@ module Ronin
29
29
  #
30
30
  # @api semipublic
31
31
  #
32
- class Field < Struct.new(:name,:parent)
32
+ class Field
33
33
 
34
34
  include Operators
35
35
  include Emittable
36
36
 
37
+ # The name of the field.
38
+ #
39
+ # @return [String]
40
+ attr_reader :name
41
+
42
+ # The parent of the field name.
43
+ #
44
+ # @return [Field, nil]
45
+ attr_reader :parent
46
+
37
47
  #
38
48
  # Initializes the new field.
39
49
  #
40
50
  # @param [String] name
41
51
  # The name of the field.
42
52
  #
43
- # @param [Field] parent
53
+ # @param [Field, nil] parent
44
54
  # The parent of the field.
45
55
  #
46
56
  def initialize(name,parent=nil)
47
- super(name.to_s,parent)
57
+ @name = name.to_s
58
+ @parent = parent
48
59
  end
49
60
 
50
61
  #
@@ -59,13 +70,27 @@ module Ronin
59
70
  names = name.to_s.split('.',3)
60
71
  field = nil
61
72
 
62
- names.each { |name| field = new(name,field) }
73
+ names.each { |keyword| field = new(keyword,field) }
63
74
 
64
75
  return field
65
76
  end
66
77
 
67
78
  alias to_str to_s
68
79
 
80
+ #
81
+ # Determines if the field responds to the given method.
82
+ #
83
+ # @param [Symbol] name
84
+ # The method name.
85
+ #
86
+ # @return [Boolean]
87
+ # Will return false if the field already has two parents, otherwise
88
+ # will return true.
89
+ #
90
+ def respond_to_missing?(name)
91
+ self.parent.nil? || self.parent.parent.nil?
92
+ end
93
+
69
94
  protected
70
95
 
71
96
  #
@@ -75,7 +100,7 @@ module Ronin
75
100
  # The sub-field name.
76
101
  #
77
102
  # @param [Array] arguments
78
- # Additional mehtod arguments.
103
+ # Additional method arguments.
79
104
  #
80
105
  # @return [Field]
81
106
  # The sub-field for the given name.
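Review bot: `def respond_to_missing?(name)` in the `@@ -59,13 +70,27 @@` hunk declares one parameter, but Ruby's `respond_to?` calls this hook with two arguments (the method name and the include-private flag), so `respond_to?` on any method Field does not define would raise ArgumentError instead of returning a boolean. The signature should be `def respond_to_missing?(name,include_private=false)`, with a matching `@param [Boolean] include_private` line in the doc comment. The method is also added above `protected` and is therefore public, whereas Ruby's own hook is private; moving it below a `private` marker would keep it out of the class's public API. The Field class starts and ends outside these hunks, so the dynamic-dispatch method it presumably pairs with is not visible here.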
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -29,11 +29,21 @@ module Ronin
29
29
  #
30
30
  # @api semipublic
31
31
  #
32
- class Function < Struct.new(:name,:arguments)
32
+ class Function
33
33
 
34
34
  include Operators
35
35
  include Emittable
36
36
 
37
+ # The function's name.
38
+ #
39
+ # @return [Symbol]
40
+ attr_reader :name
41
+
42
+ # The function's arguments.
43
+ #
44
+ # @return [Array]
45
+ attr_reader :arguments
46
+
37
47
  #
38
48
  # Creates a new Function object.
39
49
  #
@@ -41,10 +51,11 @@ module Ronin
41
51
  # The name of the function.
42
52
  #
43
53
  # @param [Array] arguments
44
- # The arguments of the function.
54
+ # The arguments being passed to the function.
45
55
  #
46
56
  def initialize(name,*arguments)
47
- super(name,arguments)
57
+ @name = name
58
+ @arguments = arguments
48
59
  end
49
60
 
50
61
  end
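Review bot: Replacing `class Function < Struct.new(:name,:arguments)` with a plain class and `attr_reader` removes what Struct supplied beyond the readers: the `name=`/`arguments=` writers, `to_a`, `members`, `[]`, and member-wise `eql?`/`hash`. The same change is made to Field, Literal, Statement and UnaryExpr in the other sections of this diff, and whether any caller or the emitter relied on those methods is not visible here. Since these classes are tagged `@api semipublic`, I would record the change in the class docs, e.g. `# @note No longer a Struct as of 2.1.0; attributes are read-only.`, and in the ChangeLog. If value equality was in use (for example in specs or as Hash keys), `eql?` and `hash` need to be defined explicitly.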
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -101,7 +101,7 @@ module Ronin
101
101
  #
102
102
  # The `SQRT` function.
103
103
  #
104
- # @param [Field, Symbol] field
104
+ # @param [Field, Function, Symbol, Numeric] field
105
105
  # The field to aggregate.
106
106
  #
107
107
  # @return [Function]
@@ -502,18 +502,6 @@ module Ronin
502
502
  Function.new(:SIN,x)
503
503
  end
504
504
 
505
- #
506
- # The `SQRT` function.
507
- #
508
- # @param [Field, Function, Symbol, Numeric] x
509
- #
510
- # @return [Function]
511
- # The new function.
512
- #
513
- def sqrt(x)
514
- Function.new(:SQRT,x)
515
- end
516
-
517
505
  #
518
506
  # The `STD` function.
519
507
  #
@@ -1045,7 +1033,7 @@ module Ronin
1045
1033
  def replace(string,from_string,to_string)
1046
1034
  Function.new(:REPLACE,string,from_string,to_string)
1047
1035
  end
1048
-
1036
+
1049
1037
  #
1050
1038
  # The `REVERSE` function.
1051
1039
  #
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -145,17 +145,17 @@ module Ronin
145
145
  when :string, :list
146
146
  if (terminate || (sql[0,1] != sql[-1,1]))
147
147
  # terminate the expression
148
- sql << ';--'
148
+ sql << ';' << emitter.emit_comment
149
149
  else
150
150
  sql = sql[0..-2]
151
151
  end
152
152
 
153
153
  # balance the quotes
154
- sql = sql[1..-1]
154
+ sql = sql[1..]
155
155
  else
156
156
  if terminate
157
157
  # terminate the expression
158
- sql << ';--'
158
+ sql << ';' << emitter.emit_comment
159
159
  end
160
160
  end
161
161
 
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -29,11 +29,26 @@ module Ronin
29
29
  #
30
30
  # @api semipublic
31
31
  #
32
- class Literal < Struct.new(:value)
32
+ class Literal
33
33
 
34
34
  include Operators
35
35
  include Emittable
36
36
 
37
+ # The literal value.
38
+ #
39
+ # @return [String, Integer, Float, :NULL]
40
+ attr_reader :value
41
+
42
+ #
43
+ # Initializes the literal value.
44
+ #
45
+ # @param [String, Integer, Float, :NULL] value
46
+ # The value for the literal.
47
+ #
48
+ def initialize(value)
49
+ @value = value
50
+ end
51
+
37
52
  end
38
53
  end
39
54
  end
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -0,0 +1,95 @@
1
+ # frozen_string_literal: true
2
+ #
3
+ # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
+ #
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ #
7
+ # ronin-code-sql is free software: you can redistribute it and/or modify
8
+ # it under the terms of the GNU Lesser General Public License as published
9
+ # by the Free Software Foundation, either version 3 of the License, or
10
+ # (at your option) any later version.
11
+ #
12
+ # ronin-code-sql is distributed in the hope that it will be useful,
13
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
14
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
+ # GNU Lesser General Public License for more details.
16
+ #
17
+ # You should have received a copy of the GNU Lesser General Public License
18
+ # along with ronin-code-sql. If not, see <https://www.gnu.org/licenses/>.
19
+ #
20
+
21
+ require 'ronin/code/sql/statement_list'
22
+ require 'ronin/code/sql/injection'
23
+
24
+ module Ronin
25
+ module Code
26
+ module SQL
27
+ #
28
+ # Adds helper methods for building SQL or SQL injections.
29
+ #
30
+ # @since 2.1.0
31
+ #
32
+ module Mixin
33
+ #
34
+ # Creates a new SQL statement list.
35
+ #
36
+ # @yield [(statements)]
37
+ # If a block is given, it will be evaluated within the statement list.
38
+ # If the block accepts an argument, the block will be called with the
39
+ # new statement list.
40
+ #
41
+ # @yieldparam [StatementList] statements
42
+ # The new statement list.
43
+ #
44
+ # @return [StatementList]
45
+ # The new SQL statement list.
46
+ #
47
+ # @example
48
+ # sql { select(1,2,3,4,id).from(users) }
49
+ # # => #<Ronin::Code::SQL::StatementList: SELECT (1,2,3,4,id) FROM users>
50
+ #
51
+ # @api public
52
+ #
53
+ def sql(&block)
54
+ StatementList.new(&block)
55
+ end
56
+
57
+ #
58
+ # Creates a new SQL injection (SQLi)
59
+ #
60
+ # @param [Hash{Symbol => Object}] kwargs
61
+ # Additional keyword arguments for {Injection#initialize}.
62
+ #
63
+ # @option kwargs [:integer, :decimal, :string, :column] :escape
64
+ # The type of element to escape out of.
65
+ #
66
+ # @option kwargs [Boolean] :terminate
67
+ # Specifies whether to terminate the SQLi with a comment.
68
+ #
69
+ # @option kwargs [String, Symbol, Integer] :place_holder
70
+ # Place-holder data.
71
+ #
72
+ # @yield [(injection)]
73
+ # If a block is given, it will be evaluated within the injection.
74
+ # If the block accepts an argument, the block will be called with the
75
+ # new injection.
76
+ #
77
+ # @yieldparam [Injection] injection
78
+ # The new injection.
79
+ #
80
+ # @return [Injection]
81
+ # The new SQL injection.
82
+ #
83
+ # @example
84
+ # sqli { self.and { 1 == 1 }.select(1,2,3,4,id).from(users) }
85
+ # # => #<Ronin::Code::SQL::Injection: 1 AND 1=1; SELECT (1,2,3,4,id) FROM users; SELECT (1,2,3,4,id) FROM users>
86
+ #
87
+ # @api public
88
+ #
89
+ def sqli(**kwargs,&block)
90
+ Injection.new(**kwargs,&block)
91
+ end
92
+ end
93
+ end
94
+ end
95
+ end
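Review bot: The `@example` for `sqli` documents an inspect result in which `SELECT (1,2,3,4,id) FROM users` appears twice, although the block builds a single SELECT; the line was carried over unchanged from the text removed from sql.rb and looks like a copy-paste slip. Please run the example and correct the `# =>` line to the real output. Both doc comments also say the block "will be evaluated within" the new object, so it is worth adding a sentence that `self` inside a block taking no argument is the StatementList or Injection rather than the caller, since these helpers can now be mixed into arbitrary classes.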
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -32,13 +32,23 @@ module Ronin
32
32
  #
33
33
  # @api semipublic
34
34
  #
35
- class Statement < Struct.new(:keyword,:argument)
35
+ class Statement
36
36
 
37
37
  include Literals
38
38
  include Operators
39
39
  include Clauses
40
40
  include Emittable
41
41
 
42
+ # The statement name.
43
+ #
44
+ # @return [Symbol, Array<Symbol>]
45
+ attr_reader :keyword
46
+
47
+ # The statement's argument.
48
+ #
49
+ # @return [Object, nil]
50
+ attr_reader :argument
51
+
42
52
  #
43
53
  # Initializes a new SQL statement.
44
54
  #
@@ -56,7 +66,8 @@ module Ronin
56
66
  # Otherwise the block will be evaluated within the statement.
57
67
  #
58
68
  def initialize(keyword,argument=nil,&block)
59
- super(keyword,argument)
69
+ @keyword = keyword
70
+ @argument = argument
60
71
 
61
72
  if block
62
73
  case block.arity
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -28,10 +28,32 @@ module Ronin
28
28
  #
29
29
  # @api semipublic
30
30
  #
31
- class UnaryExpr < Struct.new(:operator,:operand)
31
+ class UnaryExpr
32
32
 
33
33
  include Emittable
34
34
 
35
+ # The unary operator symbol.
36
+ #
37
+ # @return [Symbol]
38
+ attr_reader :operator
39
+
40
+ # The unary operand.
41
+ #
42
+ # @return [Statement, BinaryExpr, Function, Field, Literal]
43
+ attr_reader :operand
44
+
45
+ #
46
+ # Initializes the unary expression.
47
+ #
48
+ # @param [Symbol] operator
49
+ #
50
+ # @param [Statement, BinaryExpr, Function, Field, Literal] operand
51
+ #
52
+ def initialize(operator,operand)
53
+ @operator = operator
54
+ @operand = operand
55
+ end
56
+
35
57
  end
36
58
  end
37
59
  end
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -21,8 +21,8 @@
21
21
  module Ronin
22
22
  module Code
23
23
  module SQL
24
- # Ronin SQL version
25
- VERSION = '2.0.0.beta1'
24
+ # ronin-code-sql version
25
+ VERSION = '2.1.0'
26
26
  end
27
27
  end
28
28
  end
@@ -2,7 +2,7 @@
2
2
  #
3
3
  # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
4
  #
5
- # Copyright (c) 2007-2022 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # ronin-code-sql is free software: you can redistribute it and/or modify
8
8
  # it under the terms of the GNU Lesser General Public License as published
@@ -18,8 +18,8 @@
18
18
  # along with ronin-code-sql. If not, see <https://www.gnu.org/licenses/>.
19
19
  #
20
20
 
21
- require 'ronin/code/sql/statement_list'
22
- require 'ronin/code/sql/injection'
21
+ require 'ronin/code/sql/mixin'
22
+ require 'ronin/code/sqli'
23
23
 
24
24
  module Ronin
25
25
  module Code
@@ -30,67 +30,8 @@ module Ronin
30
30
  # @see http://en.wikipedia.org/wiki/SQL_injection
31
31
  #
32
32
  module SQL
33
-
34
- #
35
- # Creates a new SQL statement list.
36
- #
37
- # @yield [(statements)]
38
- # If a block is given, it will be evaluated within the statement list.
39
- # If the block accepts an argument, the block will be called with the
40
- # new statement list.
41
- #
42
- # @yieldparam [StatementList] statements
43
- # The new statement list.
44
- #
45
- # @return [StatementList]
46
- # The new SQL statement list.
47
- #
48
- # @example
49
- # sql { select(1,2,3,4,id).from(users) }
50
- # # => #<Ronin::Code::SQL::StatementList: SELECT (1,2,3,4,id) FROM users>
51
- #
52
- # @api public
53
- #
54
- def sql(&block)
55
- StatementList.new(&block)
56
- end
57
-
58
- #
59
- # Creates a new SQL injection (SQLi)
60
- #
61
- # @param [Hash{Symbol => Object}] kwargs
62
- # Additional keyword arguments for {Injection#initialize}.
63
- #
64
- # @option kwargs [:integer, :decimal, :string, :column] :escape
65
- # The type of element to escape out of.
66
- #
67
- # @option kwargs [Boolean] :terminate
68
- # Specifies whether to terminate the SQLi with a comment.
69
- #
70
- # @option kwargs [String, Symbol, Integer] :place_holder
71
- # Place-holder data.
72
- #
73
- # @yield [(injection)]
74
- # If a block is given, it will be evaluated within the injection.
75
- # If the block accepts an argument, the block will be called with the
76
- # new injection.
77
- #
78
- # @yieldparam [Injection] injection
79
- # The new injection.
80
- #
81
- # @return [Injection]
82
- # The new SQL injection.
83
- #
84
- # @example
85
- # sqli { self.and { 1 == 1 }.select(1,2,3,4,id).from(users) }
86
- # # => #<Ronin::Code::SQL::Injection: 1 AND 1=1; SELECT (1,2,3,4,id) FROM users; SELECT (1,2,3,4,id) FROM users>
87
- #
88
- # @api public
89
- #
90
- def sqli(**kwargs,&block)
91
- Injection.new(**kwargs,&block)
92
- end
93
-
33
+ include Mixin
34
+ extend Mixin
94
35
  end
95
36
  end
96
37
  end
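Review bot: `extend Mixin` makes `Ronin::Code::SQL.sql` and `Ronin::Code::SQL.sqli` callable on the module itself, which the removed code did not provide (the old body only defined instance methods), and `require 'ronin/code/sqli'` now defines `Ronin::Code::SQLI` whenever this file is loaded. Neither addition is mentioned in the module's doc comment, which lies above this hunk. I would add a short `@example` showing both the `include Ronin::Code::SQL` form and the module-method form, plus a `@since 2.1.0` note for the latter.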
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+ #
3
+ # ronin-code-sql - A Ruby DSL for crafting SQL Injections.
4
+ #
5
+ # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ #
7
+ # ronin-code-sql is free software: you can redistribute it and/or modify
8
+ # it under the terms of the GNU Lesser General Public License as published
9
+ # by the Free Software Foundation, either version 3 of the License, or
10
+ # (at your option) any later version.
11
+ #
12
+ # ronin-code-sql is distributed in the hope that it will be useful,
13
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
14
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
+ # GNU Lesser General Public License for more details.
16
+ #
17
+ # You should have received a copy of the GNU Lesser General Public License
18
+ # along with ronin-code-sql. If not, see <https://www.gnu.org/licenses/>.
19
+ #
20
+
21
+ require 'ronin/code/sql/injection'
22
+
23
+ module Ronin
24
+ module Code
25
+ # Alias for {SQL::Injection}.
26
+ #
27
+ # @since 2.1.0
28
+ SQLI = SQL::Injection
29
+ end
30
+ end
@@ -1,4 +1,4 @@
1
- # encoding: utf-8
1
+ # frozen_string_literal: true
2
2
 
3
3
  require 'yaml'
4
4
 
@@ -22,19 +22,19 @@ Gem::Specification.new do |gem|
22
22
  gem.homepage = gemspec['homepage']
23
23
  gem.metadata = gemspec['metadata'] if gemspec['metadata']
24
24
 
25
- glob = lambda { |patterns| gem.files & Dir[*patterns] }
25
+ glob = ->(patterns) { gem.files & Dir[*patterns] }
26
26
 
27
27
  gem.files = `git ls-files`.split($/)
28
28
  gem.files = glob[gemspec['files']] if gemspec['files']
29
29
  gem.files += Array(gemspec['generated_files'])
30
+ # exclude test files from the packages gem
31
+ gem.files -= glob[gemspec['test_files'] || 'spec/{**/}*']
30
32
 
31
33
  gem.executables = gemspec.fetch('executables') do
32
34
  glob['bin/*'].map { |path| File.basename(path) }
33
35
  end
34
- gem.default_executable = gem.executables.first if Gem::VERSION < '1.7.'
35
36
 
36
37
  gem.extensions = glob[gemspec['extensions'] || 'ext/**/extconf.rb']
37
- gem.test_files = glob[gemspec['test_files'] || 'spec/{**/}*_spec.rb']
38
38
  gem.extra_rdoc_files = glob[gemspec['extra_doc_files'] || '*.{txt,md}']
39
39
 
40
40
  gem.require_paths = Array(gemspec.fetch('require_paths') {
@@ -46,7 +46,7 @@ Gem::Specification.new do |gem|
46
46
  gem.required_rubygems_version = gemspec['required_rubygems_version']
47
47
  gem.post_install_message = gemspec['post_install_message']
48
48
 
49
- split = lambda { |string| string.split(/,\s*/) }
49
+ split = ->(string) { string.split(/,\s*/) }
50
50
 
51
51
  if gemspec['dependencies']
52
52
  gemspec['dependencies'].each do |name,versions|
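Review bot: The new exclusion `gem.files -= glob[gemspec['test_files'] || 'spec/{**/}*']` goes through `Dir[]`, which skips dot-files by default, so a hidden file under spec/ that is tracked by git would still be packaged. For the default case a path-prefix filter is stricter: `gem.files.reject! { |path| path.start_with?('spec/') }`. The comment above it should read `# exclude test files from the packaged gem`. The file list of this diff also shows `.github/workflows/ruby.yml` and `.rubocop.yml` inside the gem's data, so other development-only files still ship; excluding them the same way would shrink what consumers install. The `Gem::Specification.new` block starts and ends outside these hunks.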