ronin-sql 0.1.1 → 0.2.0

Files changed (101) hide show
  1. data/History.txt +43 -0
  2. data/Manifest.txt +76 -23
  3. data/README.txt +31 -6
  4. data/Rakefile +2 -2
  5. data/lib/ronin/code/sql/{keyword.rb → add_column_clause.rb} +9 -13
  6. data/lib/ronin/code/sql/as.rb +47 -0
  7. data/lib/ronin/code/sql/asc.rb +38 -0
  8. data/lib/ronin/code/sql/between.rb +18 -12
  9. data/lib/ronin/code/sql/binary_expr.rb +12 -5
  10. data/lib/ronin/code/sql/clause.rb +37 -0
  11. data/lib/ronin/code/sql/code.rb +1 -1
  12. data/lib/ronin/code/sql/common_dialect.rb +16 -10
  13. data/lib/ronin/code/sql/create.rb +68 -0
  14. data/lib/ronin/code/sql/create_index.rb +9 -39
  15. data/lib/ronin/code/sql/create_table.rb +9 -56
  16. data/lib/ronin/code/sql/create_view.rb +7 -29
  17. data/lib/ronin/code/sql/default_values_clause.rb +38 -0
  18. data/lib/ronin/code/sql/delete.rb +10 -25
  19. data/lib/ronin/code/sql/desc.rb +38 -0
  20. data/lib/ronin/code/sql/dialect.rb +172 -52
  21. data/lib/ronin/code/sql/{builder.rb → drop.rb} +16 -20
  22. data/lib/ronin/code/sql/drop_index.rb +43 -0
  23. data/lib/ronin/code/sql/drop_table.rb +8 -16
  24. data/lib/ronin/code/sql/drop_view.rb +43 -0
  25. data/lib/ronin/code/sql/emittable.rb +102 -0
  26. data/lib/ronin/code/sql/exceptions/unknown_clause.rb +31 -0
  27. data/lib/ronin/code/sql/exceptions/unknown_dialect.rb +2 -2
  28. data/lib/ronin/code/sql/exceptions/unknown_statement.rb +31 -0
  29. data/lib/ronin/code/sql/exceptions.rb +3 -1
  30. data/lib/ronin/code/sql/expr.rb +7 -96
  31. data/lib/ronin/code/sql/field.rb +40 -23
  32. data/lib/ronin/code/sql/fields_clause.rb +48 -0
  33. data/lib/ronin/code/sql/from_clause.rb +44 -0
  34. data/lib/ronin/code/sql/function.rb +15 -12
  35. data/lib/ronin/code/sql/group_by_clause.rb +48 -0
  36. data/lib/ronin/code/sql/having_clause.rb +48 -0
  37. data/lib/ronin/code/sql/in.rb +9 -9
  38. data/lib/ronin/code/sql/injected_statement.rb +102 -0
  39. data/lib/ronin/code/sql/injection.rb +171 -5
  40. data/lib/ronin/code/sql/insert.rb +15 -45
  41. data/lib/ronin/code/sql/intersect_clause.rb +44 -0
  42. data/lib/ronin/code/sql/join_clause.rb +125 -0
  43. data/lib/ronin/code/sql/{like_expr.rb → like.rb} +19 -31
  44. data/lib/ronin/code/sql/limit_clause.rb +44 -0
  45. data/lib/ronin/code/sql/modifier.rb +50 -0
  46. data/lib/ronin/code/sql/offset_clause.rb +44 -0
  47. data/lib/ronin/code/sql/on_clause.rb +57 -0
  48. data/lib/ronin/code/sql/order_by_clause.rb +44 -0
  49. data/lib/ronin/code/sql/program.rb +170 -23
  50. data/lib/ronin/code/sql/rename_to_clause.rb +44 -0
  51. data/lib/ronin/code/sql/replace.rb +15 -17
  52. data/lib/ronin/code/sql/select.rb +46 -141
  53. data/lib/ronin/code/sql/set_clause.rb +44 -0
  54. data/lib/ronin/code/sql/statement.rb +117 -47
  55. data/lib/ronin/code/sql/token.rb +64 -0
  56. data/lib/ronin/code/sql/unary_expr.rb +9 -5
  57. data/lib/ronin/code/sql/union_all_clause.rb +44 -0
  58. data/lib/ronin/code/sql/union_clause.rb +44 -0
  59. data/lib/ronin/code/sql/update.rb +10 -31
  60. data/lib/ronin/code/sql/values_clause.rb +48 -0
  61. data/lib/ronin/code/sql/where_clause.rb +44 -0
  62. data/lib/ronin/code/sql.rb +1 -1
  63. data/lib/ronin/sql/error/error.rb +64 -0
  64. data/lib/ronin/sql/error/message.rb +64 -0
  65. data/lib/ronin/sql/error/pattern.rb +106 -0
  66. data/lib/ronin/sql/error/patterns.rb +100 -0
  67. data/lib/ronin/sql/error.rb +5 -30
  68. data/lib/ronin/sql/extensions/uri/http.rb +76 -21
  69. data/lib/ronin/sql/extensions/uri.rb +1 -1
  70. data/lib/ronin/sql/extensions.rb +2 -1
  71. data/lib/ronin/sql/injection.rb +213 -0
  72. data/lib/ronin/sql/version.rb +2 -2
  73. data/lib/ronin/sql.rb +7 -2
  74. data/spec/code/sql/create_examples.rb +19 -0
  75. data/spec/code/sql/create_index_spec.rb +25 -0
  76. data/spec/code/sql/create_table_spec.rb +27 -0
  77. data/spec/code/sql/create_view_spec.rb +16 -0
  78. data/spec/code/sql/delete_spec.rb +14 -0
  79. data/spec/code/sql/drop_examples.rb +10 -0
  80. data/spec/code/sql/drop_index_spec.rb +16 -0
  81. data/spec/code/sql/drop_table_spec.rb +16 -0
  82. data/spec/code/sql/drop_view_spec.rb +16 -0
  83. data/spec/code/sql/has_default_values_clause_examples.rb +10 -0
  84. data/spec/code/sql/has_fields_clause_examples.rb +15 -0
  85. data/spec/code/sql/has_from_clause_examples.rb +13 -0
  86. data/spec/code/sql/has_values_clause_examples.rb +15 -0
  87. data/spec/code/sql/has_where_clause_examples.rb +15 -0
  88. data/spec/code/sql/insert_spec.rb +21 -0
  89. data/spec/code/sql/replace_spec.rb +21 -0
  90. data/spec/code/sql/select_spec.rb +105 -0
  91. data/spec/code/sql/update_spec.rb +26 -0
  92. data/spec/helpers/code.rb +14 -0
  93. data/spec/sql/error_spec.rb +24 -0
  94. data/spec/sql/extensions/string_spec.rb +28 -0
  95. data/spec/sql_spec.rb +9 -0
  96. data/tasks/spec.rb +2 -0
  97. metadata +82 -29
  98. data/lib/ronin/code/sql/injection_builder.rb +0 -137
  99. data/lib/ronin/code/sql/injection_style.rb +0 -79
  100. data/lib/ronin/code/sql/style.rb +0 -170
  101. data/lib/ronin/sql/sql.rb +0 -83
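--- a/data/History.txt
+++ b/data/History.txt
@@ -1,3 +1,46 @@
+=== 0.2.0 / 2009-01-08
+
+* Require Ronin >= 0.1.3.
+* Refactored Ronin::Code::SQL.
+* Implemented a token emitter system.
+* Support common SQL expression modifiers.
+* Support common SQL clauses.
+* Allow for injecting arbitrary SQL clauses.
+* Added more SQL Injection test generators.
+* all_rows:
+
+OR 1 = 1
+
+* exact_rows:
+
+AND 1 = 1
+
+* no_rows:
+
+AND 1 = 0
+
+* has_column?(column):
+
+OR column IS NOT NULL
+
+* has_table?(table):
+
+AND (SELECT FROM table count(*) == 1)
+
+* uses_column?(column):
+
+GROUP BY column HAVING 1 = 1
+
+* uses_table?(table):
+
+OR table IS NOT NULL
+
+* Removed references to Ronin::Vulnerable.
+* Added more specs:
+* Specs for most of Ronin::Code::SQL.
+* Specs on Ronin::SQL::Error and the SQL encoding/decoding extensions for
+the String class.
+
 === 0.1.1 / 2008-09-28
 
 * Trivial bug fix to URI::HTTP#sql_errors.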
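--- a/data/Manifest.txt
+++ b/data/Manifest.txt
@@ -4,42 +4,95 @@ Manifest.txt
 README.txt
 Rakefile
 lib/ronin/code/sql.rb
-lib/ronin/code/sql/between.rb
-lib/ronin/code/sql/binary_expr.rb
-lib/ronin/code/sql/builder.rb
-lib/ronin/code/sql/code.rb
-lib/ronin/code/sql/common_dialect.rb
-lib/ronin/code/sql/create_index.rb
-lib/ronin/code/sql/create_table.rb
-lib/ronin/code/sql/create_view.rb
-lib/ronin/code/sql/delete.rb
-lib/ronin/code/sql/dialect.rb
-lib/ronin/code/sql/drop_table.rb
 lib/ronin/code/sql/exceptions.rb
 lib/ronin/code/sql/exceptions/unknown_dialect.rb
+lib/ronin/code/sql/exceptions/unknown_statement.rb
+lib/ronin/code/sql/exceptions/unknown_clause.rb
+lib/ronin/code/sql/token.rb
+lib/ronin/code/sql/emittable.rb
+lib/ronin/code/sql/modifier.rb
+lib/ronin/code/sql/asc.rb
+lib/ronin/code/sql/desc.rb
+lib/ronin/code/sql/as.rb
 lib/ronin/code/sql/expr.rb
+lib/ronin/code/sql/unary_expr.rb
+lib/ronin/code/sql/binary_expr.rb
+lib/ronin/code/sql/like.rb
+lib/ronin/code/sql/between.rb
+lib/ronin/code/sql/in.rb
 lib/ronin/code/sql/field.rb
+lib/ronin/code/sql/clause.rb
+lib/ronin/code/sql/on_clause.rb
+lib/ronin/code/sql/where_clause.rb
+lib/ronin/code/sql/group_by_clause.rb
+lib/ronin/code/sql/fields_clause.rb
+lib/ronin/code/sql/set_clause.rb
+lib/ronin/code/sql/values_clause.rb
+lib/ronin/code/sql/from_clause.rb
+lib/ronin/code/sql/default_values_clause.rb
+lib/ronin/code/sql/join_clause.rb
+lib/ronin/code/sql/order_by_clause.rb
+lib/ronin/code/sql/limit_clause.rb
+lib/ronin/code/sql/offset_clause.rb
+lib/ronin/code/sql/union_clause.rb
+lib/ronin/code/sql/having_clause.rb
+lib/ronin/code/sql/union_all_clause.rb
+lib/ronin/code/sql/intersect_clause.rb
+lib/ronin/code/sql/rename_to_clause.rb
+lib/ronin/code/sql/add_column_clause.rb
 lib/ronin/code/sql/function.rb
-lib/ronin/code/sql/in.rb
-lib/ronin/code/sql/injection.rb
-lib/ronin/code/sql/injection_builder.rb
-lib/ronin/code/sql/injection_style.rb
+lib/ronin/code/sql/statement.rb
+lib/ronin/code/sql/create.rb
+lib/ronin/code/sql/create_index.rb
+lib/ronin/code/sql/create_table.rb
+lib/ronin/code/sql/create_view.rb
 lib/ronin/code/sql/insert.rb
-lib/ronin/code/sql/keyword.rb
-lib/ronin/code/sql/like_expr.rb
-lib/ronin/code/sql/program.rb
-lib/ronin/code/sql/replace.rb
 lib/ronin/code/sql/select.rb
-lib/ronin/code/sql/statement.rb
-lib/ronin/code/sql/style.rb
-lib/ronin/code/sql/unary_expr.rb
+lib/ronin/code/sql/replace.rb
 lib/ronin/code/sql/update.rb
+lib/ronin/code/sql/delete.rb
+lib/ronin/code/sql/drop.rb
+lib/ronin/code/sql/drop_index.rb
+lib/ronin/code/sql/drop_table.rb
+lib/ronin/code/sql/drop_view.rb
+lib/ronin/code/sql/dialect.rb
+lib/ronin/code/sql/common_dialect.rb
+lib/ronin/code/sql/program.rb
+lib/ronin/code/sql/injected_statement.rb
+lib/ronin/code/sql/injection.rb
+lib/ronin/code/sql/code.rb
 lib/ronin/sql/extensions.rb
 lib/ronin/sql/extensions/uri.rb
 lib/ronin/sql/extensions/uri/http.rb
+lib/ronin/sql/error/message.rb
+lib/ronin/sql/error/pattern.rb
+lib/ronin/sql/error/error.rb
+lib/ronin/sql/error/patterns.rb
 lib/ronin/sql/error.rb
-lib/ronin/sql/sql.rb
+lib/ronin/sql/injection.rb
 lib/ronin/sql/version.rb
 lib/ronin/sql.rb
 tasks/spec.rb
 spec/spec_helper.rb
+spec/sql_spec.rb
+spec/helpers/code.rb
+spec/code/sql/has_default_values_clause_examples.rb
+spec/code/sql/has_fields_clause_examples.rb
+spec/code/sql/has_from_clause_examples.rb
+spec/code/sql/has_values_clause_examples.rb
+spec/code/sql/has_where_clause_examples.rb
+spec/code/sql/create_examples.rb
+spec/code/sql/create_table_spec.rb
+spec/code/sql/create_index_spec.rb
+spec/code/sql/create_view_spec.rb
+spec/code/sql/drop_examples.rb
+spec/code/sql/drop_table_spec.rb
+spec/code/sql/drop_index_spec.rb
+spec/code/sql/drop_view_spec.rb
+spec/code/sql/insert_spec.rb
+spec/code/sql/select_spec.rb
+spec/code/sql/update_spec.rb
+spec/code/sql/replace_spec.rb
+spec/code/sql/delete_spec.rb
+spec/sql/error_spec.rb
+spec/sql/extensions/string_spec.rb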
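--- a/data/README.txt
+++ b/data/README.txt
@@ -1,7 +1,9 @@
 = Ronin SQL
 
 * http://ronin.rubyforge.org/sql/
-* Postmodern Modulus III
+* http://github.com/postmodern/ronin-sql
+* irc.freenode.net ##ronin
+* Postmodern (postmodern.mod3 at gmail.com)
 
 == DESCRIPTION:
 
@@ -22,9 +24,9 @@ commercial software.
 
 === Modular
 
-Ronin was not designed as one monolithic library but instead as a collection
-of libraries which can be individually installed. This allows users to pick
-and choose what functionality they want in Ronin.
+Ronin was not designed as one monolithic framework but instead as a
+collection of libraries which can be individually installed. This allows
+users to pick and choose what functionality they want in Ronin.
 
 === Decentralized
 
@@ -37,19 +39,42 @@ of Ronin.
 
 == FEATURES:
 
-* Provides an DSL for crafting normal SQL and SQL injections.
+* Provides an Domain Specific Language (DSL) for crafting normal SQL and
+SQL injections.
 * Provides tests for finding SQL injections.
 
+== REQUIREMENTS:
+
+* Ronin >= 0.1.2
+
 == INSTALL:
 
 $ sudo gem install ronin-sql
 
+== EXAMPLES:
+
+* Generate valid SQL using the Ronin SQL DSL.
+
+puts Code.sql {
+select(:from => :users, :where => (name == 'bob'))
+}
+SELECT * FROM users WHERE name = 'bob'
+=> nil
+
+* Generate valid SQL injections using the Ronin SQL injection DSL.
+
+puts Code.sql_injection {
+escape_string { has_table?(:users) }
+}
+' AND (SELECT count(*) FROM users) = 1 --
+=> nil
+
 == LICENSE:
 
 Ronin SQL - A Ruby library for Ronin that provids support for SQL related
 security tasks.
 
-Copyright (c) 2006-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+Copyright (c) 2006-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by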
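--- a/data/Rakefile
+++ b/data/Rakefile
@@ -7,9 +7,9 @@ require './lib/ronin/sql/version.rb'
 
 Hoe.new('ronin-sql', Ronin::SQL::VERSION) do |p|
 p.rubyforge_name = 'ronin'
-p.developer('Postmodern Modulus III','postmodern.mod3@gmail.com')
+p.developer('Postmodern','postmodern.mod3@gmail.com')
 p.remote_rdoc_dir = 'docs/ronin-sql'
-p.extra_deps = [['ronin', '>=0.0.9']]
+p.extra_deps = [['ronin', '>=0.1.3']]
 end
 
 # vim: syntax=Ruby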
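Review bot: The dependency floor set in `p.extra_deps = [['ronin', '>=0.1.3']]` disagrees with the README.txt section of this same release, whose new REQUIREMENTS entry reads `* Ronin >= 0.1.2`, while History.txt states `Require Ronin >= 0.1.3`. The gem constraint is what gets enforced at install time, so the README line should read `* Ronin >= 0.1.3` to match it. The constraint is also open-ended, so every later ronin release satisfies it; if the refactored code depends on the 0.1.x API, a bounded constraint would keep an incompatible version from being resolved.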
@@ -3,7 +3,7 @@
3
3
  # Ronin SQL - A Ronin library providing support for SQL related security
4
4
  # tasks.
5
5
  #
6
- # Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # This program is free software; you can redistribute it and/or modify
9
9
  # it under the terms of the GNU General Public License as published by
@@ -21,25 +21,21 @@
21
21
  #++
22
22
  #
23
23
 
24
+ require 'ronin/code/sql/clause'
25
+
24
26
  module Ronin
25
27
  module Code
26
28
  module SQL
27
- class Keyword
28
-
29
- # The style to use
30
- attr_reader :style
29
+ class AddColumnClause < Clause
31
30
 
32
- def initialize(style,name)
33
- @style = style
34
- @name = name.to_s
35
- end
31
+ attr_accessor :table
36
32
 
37
- def compile
38
- @style.compile_keyword(@name)
33
+ def initialize(table)
34
+ @table = table
39
35
  end
40
36
 
41
- def to_s
42
- compile
37
+ def emit
38
+ emit_token('ADD COLUMN') + emit_value(@table)
43
39
  end
44
40
 
45
41
  end
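Review bot: `AddColumnClause` stores its argument as `table` (`attr_accessor :table`, `@table = table`), but `emit` writes that value directly after the `ADD COLUMN` token, where SQL expects the column being added rather than a table. The name looks carried over from a sibling clause; renaming it to `column` (`attr_accessor :column`, `def initialize(column)`) or at least adding `# The column definition emitted after ADD COLUMN` above the accessor would keep callers from passing a table name. The class itself has no description comment. The enclosing `module` blocks close outside this hunk.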
@@ -0,0 +1,47 @@
1
+ #
2
+ #--
3
+ # Ronin SQL - A Ronin library providing support for SQL related security
4
+ # tasks.
5
+ #
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
+ #
8
+ # This program is free software; you can redistribute it and/or modify
9
+ # it under the terms of the GNU General Public License as published by
10
+ # the Free Software Foundation; either version 2 of the License, or
11
+ # (at your option) any later version.
12
+ #
13
+ # This program is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with this program; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ #++
22
+ #
23
+
24
+ require 'ronin/code/sql/modifier'
25
+
26
+ module Ronin
27
+ module Code
28
+ module SQL
29
+ class As < Modifier
30
+
31
+ # Alias name
32
+ attr_reader :alias_name
33
+
34
+ def initialize(field,alias_name)
35
+ super(field,'AS')
36
+
37
+ @alias_name = alias_name
38
+ end
39
+
40
+ def emit
41
+ super + emit_value(@alias_name)
42
+ end
43
+
44
+ end
45
+ end
46
+ end
47
+ end
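Review bot: `emit` sends `@alias_name` through `emit_value`, the same helper the expression classes in this release use for operands, and nothing here says what type the alias should be. The README example prints a Ruby string operand as a quoted literal (`name = 'bob'`); if that quoting happens inside emit_value (its definition is not on this page), a String alias would come out as `AS 'alias'` rather than as an identifier. Documenting the expected type on the reader, e.g. `# Alias name (Symbol, emitted as an identifier)`, or emitting it with `emit_token(@alias_name)`, would remove the ambiguity.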
@@ -0,0 +1,38 @@
1
+ #
2
+ #--
3
+ # Ronin SQL - A Ronin library providing support for SQL related security
4
+ # tasks.
5
+ #
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
+ #
8
+ # This program is free software; you can redistribute it and/or modify
9
+ # it under the terms of the GNU General Public License as published by
10
+ # the Free Software Foundation; either version 2 of the License, or
11
+ # (at your option) any later version.
12
+ #
13
+ # This program is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with this program; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ #++
22
+ #
23
+
24
+ require 'ronin/code/sql/modifier'
25
+
26
+ module Ronin
27
+ module Code
28
+ module SQL
29
+ class Asc < Modifier
30
+
31
+ def initialize(expr)
32
+ super(expr,'ASC')
33
+ end
34
+
35
+ end
36
+ end
37
+ end
38
+ end
@@ -3,7 +3,7 @@
3
3
  # Ronin SQL - A Ronin library providing support for SQL related security
4
4
  # tasks.
5
5
  #
6
- # Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # This program is free software; you can redistribute it and/or modify
9
9
  # it under the terms of the GNU General Public License as published by
@@ -28,9 +28,16 @@ module Ronin
28
28
  module SQL
29
29
  class Between < Expr
30
30
 
31
- def initialize(expr,lower,higher)
32
- super(expr.style)
31
+ # Expression
32
+ attr_reader :expr
33
+
34
+ # Lower bound
35
+ attr_reader :lower
36
+
37
+ # Higher bound
38
+ attr_reader :higher
33
39
 
40
+ def initialize(expr,lower,higher)
34
41
  @expr = expr
35
42
  @lower = lower
36
43
  @higher = higher
@@ -42,18 +49,17 @@ module Ronin
42
49
  return self
43
50
  end
44
51
 
45
- def compile
46
- compile_expr(@expr,negated?,keyword_between,@lower,keyword_and,@higher)
47
- end
52
+ def emit
53
+ tokens = emit_value(@expr)
48
54
 
49
- protected
55
+ tokens += emit_token('NOT') if @negated
56
+ tokens += emit_token('BETWEEN')
50
57
 
51
- keyword :between
52
- keyword :and
53
- keyword :not
58
+ tokens += emit_value(@lower)
59
+ tokens += emit_token('AND')
60
+ tokens += emit_value(@higher)
54
61
 
55
- def negated?
56
- keyword_not if @negated
62
+ return tokens
57
63
  end
58
64
 
59
65
  end
@@ -3,7 +3,7 @@
3
3
  # Ronin SQL - A Ronin library providing support for SQL related security
4
4
  # tasks.
5
5
  #
6
- # Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # This program is free software; you can redistribute it and/or modify
9
9
  # it under the terms of the GNU General Public License as published by
@@ -28,16 +28,23 @@ module Ronin
28
28
  module SQL
29
29
  class BinaryExpr < Expr
30
30
 
31
- def initialize(style,op,left,right)
32
- super(style)
31
+ # Operator
32
+ attr_reader :op
33
33
 
34
+ # Left-hand side
35
+ attr_reader :left
36
+
37
+ # Right-hand side
38
+ attr_reader :right
39
+
40
+ def initialize(op,left,right)
34
41
  @op = op
35
42
  @left = left
36
43
  @right = right
37
44
  end
38
45
 
39
- def compile
40
- compile_expr(compile_data(@left),compile_keyword(@op),compile_data(@right))
46
+ def emit
47
+ emit_value(@left) + emit_token(@op) + emit_value(@right)
41
48
  end
42
49
 
43
50
  end
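Review bot: `emit` hands `@op` to `emit_token` unchanged, so the operator text is whatever the caller passed to `initialize(op,left,right)`; nothing in this hunk restricts it to a known operator. If emit_token writes its argument verbatim (its definition is not on this page), an operator taken from outside input would land in the statement as raw SQL when the DSL is used to build ordinary queries. A comment on the reader such as `# Operator; emitted verbatim, must come from trusted code` would record that contract. The constructor also drops the leading `style` argument, which breaks positional callers written against 0.1.1, and History.txt only says the module was refactored.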
@@ -0,0 +1,37 @@
1
+ #
2
+ #--
3
+ # Ronin SQL - A Ronin library providing support for SQL related security
4
+ # tasks.
5
+ #
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
+ #
8
+ # This program is free software; you can redistribute it and/or modify
9
+ # it under the terms of the GNU General Public License as published by
10
+ # the Free Software Foundation; either version 2 of the License, or
11
+ # (at your option) any later version.
12
+ #
13
+ # This program is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with this program; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ #++
22
+ #
23
+
24
+ require 'ronin/code/sql/emittable'
25
+ require 'ronin/code/sql/token'
26
+
27
+ module Ronin
28
+ module Code
29
+ module SQL
30
+ class Clause
31
+
32
+ include Emittable
33
+
34
+ end
35
+ end
36
+ end
37
+ end
@@ -2,7 +2,7 @@
2
2
  # Ronin SQL - A Ronin library providing support for SQL related security
3
3
  # tasks.
4
4
  #
5
- # Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
5
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
6
6
  #
7
7
  # This program is free software; you can redistribute it and/or modify
8
8
  # it under the terms of the GNU General Public License as published by
@@ -3,7 +3,7 @@
3
3
  # Ronin SQL - A Ronin library providing support for SQL related security
4
4
  # tasks.
5
5
  #
6
- # Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
7
  #
8
8
  # This program is free software; you can redistribute it and/or modify
9
9
  # it under the terms of the GNU General Public License as published by
@@ -25,11 +25,14 @@ require 'ronin/code/sql/dialect'
25
25
  require 'ronin/code/sql/create_table'
26
26
  require 'ronin/code/sql/create_index'
27
27
  require 'ronin/code/sql/create_view'
28
+ require 'ronin/code/sql/alter_table'
28
29
  require 'ronin/code/sql/insert'
29
30
  require 'ronin/code/sql/select'
30
31
  require 'ronin/code/sql/update'
31
32
  require 'ronin/code/sql/delete'
32
33
  require 'ronin/code/sql/drop_table'
34
+ require 'ronin/code/sql/drop_index'
35
+ require 'ronin/code/sql/drop_view'
33
36
 
34
37
  module Ronin
35
38
  module Code
@@ -45,16 +48,19 @@ module Ronin
45
48
  data_type :text
46
49
  data_type :record
47
50
 
48
- aggregators :count, :min, :max, :sum, :avg
51
+ aggregators :avg, :count, :group_concat, :min, :max, :sum, :total
49
52
 
50
- command :create_type, CreateTable
51
- command :create_index, CreateIndex
52
- command :create_view, CreateView
53
- command :insert, Insert
54
- command :select_from, Select
55
- command :update, Update
56
- command :delete, Delete
57
- command :drop_table, DropTable
53
+ statement :create_type, CreateTable
54
+ statement :create_index, CreateIndex
55
+ statement :create_view, CreateView
56
+ statement :alter_table, AlterTable
57
+ statement :insert, Insert
58
+ statement :select, Select
59
+ statement :update, Update
60
+ statement :delete, Delete
61
+ statement :drop_table, DropTable
62
+ statement :drop_index, DropIndex
63
+ statement :drop_view, DropView
58
64
 
59
65
  end
60
66
  end
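Review bot: The added `require 'ronin/code/sql/alter_table'` and `statement :alter_table, AlterTable` refer to a file this release does not appear to ship: neither the new Manifest.txt entries nor the changed-files list on this page contains `lib/ronin/code/sql/alter_table.rb`. Hoe packages the gem from Manifest.txt, so unless the file is provided from somewhere not shown here, loading common_dialect.rb would fail with a LoadError. Either add `lib/ronin/code/sql/alter_table.rb` to Manifest.txt and the gem, or drop these two lines until the class exists. Separately, `statement :create_type, CreateTable` keeps a name that reads like a typo for `create_table`.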
@@ -0,0 +1,68 @@
1
+ #
2
+ #--
3
+ # Ronin SQL - A Ronin library providing support for SQL related security
4
+ # tasks.
5
+ #
6
+ # Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
7
+ #
8
+ # This program is free software; you can redistribute it and/or modify
9
+ # it under the terms of the GNU General Public License as published by
10
+ # the Free Software Foundation; either version 2 of the License, or
11
+ # (at your option) any later version.
12
+ #
13
+ # This program is distributed in the hope that it will be useful,
14
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
15
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
+ # GNU General Public License for more details.
17
+ #
18
+ # You should have received a copy of the GNU General Public License
19
+ # along with this program; if not, write to the Free Software
20
+ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
+ #++
22
+ #
23
+
24
+ require 'ronin/code/sql/statement'
25
+ require 'ronin/code/sql/fields_clause'
26
+
27
+ module Ronin
28
+ module Code
29
+ module SQL
30
+ class Create < Statement
31
+
32
+ clause :fields, FieldsClause
33
+
34
+ def initialize(dialect,type,name=nil,options={},&block)
35
+ @type = type
36
+ @name = name
37
+ @temp = (options[:temp] || options[:temporary])
38
+ @if_not_exists = options[:if_not_exists]
39
+
40
+ super(dialect,options,&block)
41
+ end
42
+
43
+ def temp
44
+ @temp = true
45
+ return self
46
+ end
47
+
48
+ def if_not_exists
49
+ @if_not_exists = true
50
+ return self
51
+ end
52
+
53
+ def emit
54
+ tokens = emit_token('CREATE')
55
+ tokens += emit_token('TEMP') if @temp
56
+
57
+ tokens += emit_token(@type)
58
+
59
+ tokens += emit_token('IF NOT EXISTS') if @if_not_exists
60
+ tokens += emit_token(@name)
61
+
62
+ return tokens + super
63
+ end
64
+
65
+ end
66
+ end
67
+ end
68
+ end
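Review bot: `initialize` lets `name` default to nil, yet `emit` always appends `tokens += emit_token(@name)`, so a Create built without a name still emits a token for nil. What emit_token does with nil is not visible on this page; at best the result is a `CREATE <type>` statement with no object name. Making the failure explicit at the top of `emit`, e.g. `raise(ArgumentError,'CREATE statement requires a name') unless @name`, would surface the mistake where it happens. The class and its chainable `temp` / `if_not_exists` setters also carry no doc comments; a line such as `# Marks the object as TEMP and returns self for chaining` would help.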