ronin-sql 0.1.1 → 0.2.0

data/lib/ronin/code/sql/fields_clause.rb

@@ -0,0 +1,48 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class FieldsClause < Clause
+
+        # Fields of the clause
+        attr_accessor :fields
+
+        #
+        # Creates a new FieldsClause object with the specified _fields_.
+        #
+        def initialize(*fields)
+          @fields = fields
+        end
+
+        def emit
+          emit_row(@fields)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/from_clause.rb

@@ -0,0 +1,44 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class FromClause < Clause
+
+        attr_accessor :table
+
+        def initialize(table)
+          @table = table
+        end
+
+        def emit
+          emit_token('FROM') + emit_value(@table)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/function.rb

@@ -3,7 +3,7 @@
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -28,22 +28,25 @@ module Ronin
     module SQL
       class Function < Expr
 
-        def initialize(style,func,*fields)
-          super(style)
+        # Name of the function
+        attr_reader :name
 
-          @style = style
-          @func = keyword(func)
-          @fields = fields
-        end
+        # Fields passed to the function
+        attr_reader :fields
 
-        def compile
-          "#{@func}(#{fields?})"
+        def initialize(name,*fields)
+          @name = name
+          @fields = fields
         end
 
-        protected
+        def emit
+          tokens = emit_token(@name)
+          
+          tokens << Token.open_paren
+          tokens += emit_list(@fields)
+          tokens << Token.close_paren
 
-        def fields?
-          return compile_list(@fields) unless @fields.empty?
+          return tokens
         end
 
       end

data/lib/ronin/code/sql/group_by_clause.rb

@@ -0,0 +1,48 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class GroupByClause < Clause
+
+        # Fields to group
+        attr_accessor :fields
+
+        #
+        # Creates a new GroupByClause object with the specified _fields_.
+        #
+        def initialize(*fields)
+          @fields = fields
+        end
+
+        def emit
+          emit_token('GROUP BY') + emit_list(@fields)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/having_clause.rb

@@ -0,0 +1,48 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/clause'
+
+module Ronin
+  module Code
+    module SQL
+      class HavingClause < Clause
+
+        # Expression of the having clause
+        attr_accessor :expr
+
+        #
+        # Creates a new HavingClause object with the specified _expr_.
+        #
+        def initialize(expr)
+          @expr = expr
+        end
+
+        def emit
+          emit_token('HAVING') + emit_value(@expr)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/in.rb

@@ -3,7 +3,7 @@
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -28,21 +28,21 @@ module Ronin
     module SQL
       class In < Expr
 
-        def initialize(style,field,*range)
-          super(style)
+        # Field
+        attr_reader :field
 
+        # Range
+        attr_reader :range
+
+        def initialize(field,*range)
           @field = field
           @range = range
         end
 
-        def compile
-          compile_expr(@field,keyword_in,compile_datalist(@range))
+        def emit
+          emit_value(@field) + emit_token('IN') + emit_values(@range)
         end
 
-        protected
-
-        keyword :in
-
       end
     end
   end

data/lib/ronin/code/sql/injected_statement.rb

@@ -0,0 +1,102 @@
+#
+#--
+# Ronin SQL - A Ronin library providing support for SQL related security
+# tasks.
+#
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
+#
+
+require 'ronin/code/sql/statement'
+
+module Ronin
+  module Code
+    module SQL
+      class InjectedStatement < Statement
+
+        # Injected expressions
+        attr_reader :expressions
+
+        def initialize(dialect,&block)
+          @expressions = []
+
+          super(dialect,&block)
+        end
+
+        def inject_and(expr)
+          @expressions += [Token.new('AND'), expr]
+          return self
+        end
+
+        def inject_or(expr)
+          @expressions += [Token.new('OR'), expr]
+          return self
+        end
+
+        def all_rows(value=1)
+          inject_or(BinaryExpr.new('=',value,value))
+        end
+
+        def exact_rows(value=1)
+          inject_and(BinaryExpr.new('=',value,value))
+        end
+
+        def no_rows
+          inject_and(BinaryExpr.new('=',1,0))
+        end
+
+        def has_column?(name)
+          inject_or(field(name).is_not?(null))
+        end
+
+        def has_table?(table)
+          inject_and(select(:from => table,:fields => count(all)) == 1)
+        end
+
+        def uses_column?(name)
+          group_by(name)
+
+          having(BinaryExpr.new('=',1,1))
+          return self
+        end
+
+        def uses_table?(table)
+          inject_or(table.is_not?(null))
+        end
+
+        def emit
+          emit_values(@expressions) + super
+        end
+
+        protected
+
+        def clause(name,*arguments)
+          dialect.caluse(name,*arguments)
+        end
+
+        def method_missing(name,*arguments,&block)
+          if (@dialect.has_clause?(name) && block.nil?)
+            return @dialect.clause(name,*arguments)
+          end
+
+          return super(name,*arguments,&block)
+        end
+
+      end
+    end
+  end
+end

data/lib/ronin/code/sql/injection.rb

@@ -1,8 +1,9 @@
 #
+#--
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -17,20 +18,185 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#++
 #
 
 require 'ronin/code/sql/program'
-require 'ronin/code/sql/injection_style'
-require 'ronin/code/sql/injection_builder'
-require 'ronin/extensions/string'
+require 'ronin/code/sql/injected_statement'
+require 'ronin/formatting/text'
 
 module Ronin
   module Code
     module SQL
       class Injection < Program
 
+        # Comment-Obfustication
+        attr_accessor :comment_evasion
+
+        # Swapcase-Obfusciation
+        attr_accessor :case_evasion
+
+        # Data to escape a previous expression with
+        attr_accessor :escape
+
+        # Specifies whether or not to close an open string
+        attr_accessor :close_string
+
+        # Specifies whether or not to close an open parenthesis
+        attr_accessor :close_parens
+
+        # Specifies whether or not to end a previous statement
+        attr_accessor :end_statement
+
         def initialize(options={},&block)
-          @builder = InjectionBuilder.new(InjectionStyle.new(options),&block)
+          if options.has_key?(:comment_evasion)
+            @comment_evasion = options[:comment_evasion]
+          else
+            @comment_evasion = false
+          end
+
+          if options.has_key?(:case_evasion)
+            @case_evasion = options[:case_evasion]
+          else
+            @case_evasion = false
+          end
+
+          @escape = options[:escape]
+
+          if options.has_key?(:close_string)
+            @close_string = options[:close_string]
+          else
+            @close_string = false
+          end
+
+          if options.has_key?(:close_parens)
+            @close_parens = options[:close_parens]
+          else
+            @close_parens = false
+          end
+
+          if options.has_key?(:end_statement)
+            @end_statement = options[:end_statement]
+          else
+            @end_statement = false
+          end
+
+          super(options) do
+            @expression = InjectedStatement.new(@dialect)
+          end
+
+          instance_eval(&block) if block
+        end
+
+        #
+        # Returns the expression that will be injected into the effected 
+        # statement. If a _block_ is given, it will be evaluated within
+        # the expression.
+        #
+        def expression(&block)
+          @expression.instance_eval(&block) if block
+          return @expression
+        end
+
+        def sql(&block)
+          @dialect.instance_eval(&block) if block
+        end
+
+        def compile
+          injection = super.rstrip
+
+          comment = lambda { [injection, '--'].join(space_token) }
+
+          if (@close_parens && @close_string)
+            if injection =~ /'\s*\)$/
+              return injection.gsub(/'\s*\)$/,'')
+            else
+              return comment.call
+            end
+          end
+
+          if @close_string
+            if injection[-1..-1] == "'"
+              return injection.chop
+            else
+              return comment.call
+            end
+          end
+
+          return injection
+        end
+
+        alias to_s compile
+
+        protected
+
+        def space_token
+          if @comment_evasion
+            return '/**/'
+          else
+            return super
+          end
+        end
+
+        def format_token(token)
+          token = super(token)
+
+          if @case_evasion
+            token = token.random_case
+          end
+
+          return token
+        end
+
+        def each_string(&block)
+          escape_value = ''
+
+          if @close_string
+            # format the escape string, since we are escaping out of a
+            # string
+            escape_value << format(@escape) if @escape
+          else
+            # do not format the escape string when we are not escaping
+            # out of a string
+            escape_value << @escape.to_s if @escape
+          end
+
+          if @close_string
+            if escape_value[0..0] == "'"
+              escape_value = escape_value[1..-1]
+            else
+              escape_value << "'"
+            end
+          end
+           
+          escape_value << ')' if @close_parens
+
+          block.call(escape_value) unless escape_value.empty?
+
+          return super(&block)
+        end
+
+        def each_token(&block)
+          if @expression
+            @expression.emit.each(&block)
+
+            block.call(Token.separator)
+          elsif @end_statement
+            block.call(Token.separator)
+          end
+
+          return super(&block)
+        end
+
+        #
+        # Relays missed method calls to the injected expression.
+        #
+        def method_missing(name,*arguments,&block)
+          if @expression.public_methods(false).include?(name.to_s)
+            return @expression.send(name,*arguments,&block)
+          end
+
+          return super(name,*arguments,&block)
         end
 
       end

data/lib/ronin/code/sql/insert.rb

@@ -3,7 +3,7 @@
 # Ronin SQL - A Ronin library providing support for SQL related security
 # tasks.
 #
-# Copyright (c) 2007-2008 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2009 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -22,64 +22,34 @@
 #
 
 require 'ronin/code/sql/statement'
+require 'ronin/code/sql/fields_clause'
+require 'ronin/code/sql/values_clause'
+require 'ronin/code/sql/default_values_clause'
 
 module Ronin
   module Code
     module SQL
       class Insert < Statement
 
-        def initialize(style,table=nil,opts={:fields => nil, :values => nil, :from => nil},&block)
-          @table = table
-          @fields = opts[:fields]
-          @values = opts[:values]
-          @from = opts[:from]
+        clause :fields, FieldsClause
+        clause :default_values, DefaultValuesClause
+        clause :values, ValuesClause
 
-          super(style,&block)
-        end
-
-        def into(table)
-          @table = table
-          return self
-        end
+        def initialize(dialect,options={},&block)
+          @table = options[:table]
 
-        def fields(*fields)
-          @fields = fields
-          return self
+          super(dialect,options,&block)
         end
 
-        def values(*values)
-          if (@values.length==1 && @values[0].kind_of?(Hash))
-            @values = values[0]
-          else
-            @values = values
-          end
-          return self
+        def table(name)
+          @table = name
+          return value
         end
 
-        def from(expr)
-          @from = expr
-          return self
+        def emit
+          emit_token('INSERT INTO') + emit_value(@table) + super
         end
 
-        def compile
-          if @values.kind_of?(Hash)
-            return compile_expr(keyword_insert,@table,compile_row(@values.keys),keyword_values,compile_datalist(@values.values))
-          elsif @from
-            return compile_expr(keyword_insert,@table,compile_row(@fields),@from)
-          else
-            if @fields
-              return compile_expr(keyword_insert,@table,compile_row(@fields),keyword_values,compile_datalist(@values))
-            else
-              return compile_expr(keyword_insert,@table,keyword_values,compile_datalist(@values))
-            end
-          end
-        end
-
-        protected
-
-        keyword :insert, 'INSERT INTO'
-        keyword :values
-
       end
     end
   end