ronin-sql 0.1.0

data/lib/ronin/code/sql/field.rb

@@ -0,0 +1,86 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/expr'
+require 'ronin/code/sql/between'
+
+module Ronin
+  module Code
+    module SQL
+      class Field < Expr
+
+        def initialize(style,name,prefix=nil)
+          super(style)
+
+          @prefix = prefix
+          @name = name
+        end
+
+        def *
+          field_cache['*'.to_sym]
+        end
+
+        def id
+          field_cache[:id]
+        end
+
+        def between(start,stop)
+          Between.new(self,start,stop)
+        end
+
+        def <=>(range)
+          between(range.begin,range.end)
+        end
+
+        def compile
+          if @prefix
+            return "#{@prefix}.#{@name}"
+          else
+            return @name.to_s
+          end
+        end
+
+        def to_sym
+          compile.to_sym
+        end
+
+        protected
+
+        def method_missing(sym,*args)
+          if (args.length==0 && @prefix.nil?)
+            return field_cache[sym]
+          end
+
+          raise(NoMethodError,sym.id2name)
+        end
+
+        private
+
+        def field_cache
+          @field_cache ||= Hash.new { |hash,key| hash[key] = Field.new(@style,key,self) }
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/function.rb

@@ -0,0 +1,52 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/expr'
+
+module Ronin
+  module Code
+    module SQL
+      class Function < Expr
+
+        def initialize(style,func,*fields)
+          super(style)
+
+          @style = style
+          @func = keyword(func)
+          @fields = fields
+        end
+
+        def compile
+          "#{@func}(#{fields?})"
+        end
+
+        protected
+
+        def fields?
+          return compile_list(@fields) unless @fields.empty?
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/in.rb

@@ -0,0 +1,49 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/expr'
+
+module Ronin
+  module Code
+    module SQL
+      class In < Expr
+
+        def initialize(style,field,*range)
+          super(style)
+
+          @field = field
+          @range = range
+        end
+
+        def compile
+          compile_expr(@field,keyword_in,compile_datalist(@range))
+        end
+
+        protected
+
+        keyword :in
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/injection.rb

@@ -0,0 +1,39 @@
+#
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+require 'ronin/code/sql/program'
+require 'ronin/code/sql/injection_style'
+require 'ronin/code/sql/injection_builder'
+require 'ronin/extensions/string'
+
+module Ronin
+  module Code
+    module SQL
+      class Injection < Program
+
+        def initialize(options={},&block)
+          @builder = InjectionBuilder.new(InjectionStyle.new(options),&block)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/injection_builder.rb

@@ -0,0 +1,137 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/statement'
+require 'ronin/code/sql/injection_style'
+
+module Ronin
+  module Code
+    module SQL
+      class InjectionBuilder < Statement
+
+        def initialize(style,&block)
+          @escape = nil
+          @escape_data = nil
+          @expressions = []
+          @program = nil
+
+          super(style,&block)
+        end
+
+        def escape(var=1,&block)
+          @escape = nil
+          @escape_data = var
+
+          block.call if block
+          return self
+        end
+
+        def inject(*expr)
+          @expressions += expr
+          return self
+        end
+
+        def inject_and(expr)
+          inject(keyword_and, expr)
+        end
+
+        def inject_or(expr)
+          inject(keyword_or, expr)
+        end
+
+        def inject_sql(options={},&block)
+          @program = Program.new(@style,options,&block)
+        end
+
+        def all_rows(var=1)
+          inject_or(BinaryExpr.new(@style,'=',var,var))
+        end
+
+        def exact_rows(var=1)
+          inject_and(BinaryExpr.new(@style,'=',var,var))
+        end
+
+        def has_field?(name)
+          inject_or(field(name).is_not?(null))
+        end
+
+        def has_table?(table)
+          inject_and(select_from(table,:fields => count(all), :from => table)==1)
+        end
+
+        def uses_table?(table)
+          inject_or(table.is_not?(null))
+        end
+
+        def compile
+          injection_expr = lambda {
+            compile_expr("#{@escape_data}#{@escape}",*(@expressions))
+          }
+
+          append_comment = lambda { |str|
+            compile_expr(str,'--')
+          }
+
+          if @program
+            return compile_statements(injection_expr.call,append_comment.call(@program))
+          else
+            injection = injection_expr.call
+
+            if (@escape && injection =~ /#{@escape}\s*$/)
+              return injection.rstrip.chop
+            else
+              return append_comment.call(injection)
+            end
+          end
+        end
+
+        protected
+
+        keyword :or
+        keyword :and
+
+        def self.escape(name,char)
+          name = name.to_s.downcase.to_sym
+          char = char.to_s
+
+          class_eval %{
+            def escape_#{name}(var=nil,&block)
+              @escape = #{char.dump}
+              @escape_data = var
+
+              block.call if block
+              return self
+            end
+          }
+
+          return self
+        end
+
+        escape :string, "'"
+        escape :parenthesis, ')'
+        escape :statement, ';'
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/injection_style.rb

@@ -0,0 +1,79 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/style'
+
+module Ronin
+  module Code
+    module SQL
+      class InjectionStyle < Style
+
+        # Comment-Obfusticate all keywords
+        attr_accessor :comment_evasion
+
+        # Swapcase-Obfusciate all keywords
+        attr_accessor :case_evasion
+
+        def initialize(options={})
+          super(options)
+
+          if options[:comment_evasion].nil?
+            @comment_evasion = false
+          else
+            @comment_evasion = options[:comment_evasion]
+          end
+
+          if options[:case_evasion].nil?
+            @case_evasion = false
+          else
+            @case_evasion = options[:case_evasion]
+          end
+        end
+
+        def compile_space
+          if @comment_evasion
+            return '/**/'
+          else
+            return super
+          end
+        end
+
+        def compile_keyword(name)
+          name = name.to_s
+
+          if @case_evasion
+            (rand(name.length)+1).times do
+              i = rand(name.length-1).to_i
+              name[i] = name[i..i].swapcase
+            end
+
+            return name
+          else
+            return super(name)
+          end
+        end
+
+      end
+    end
+  end
+end