ronin-support 0.2.0 → 0.3.0

data/lib/ronin/formatting/extensions/html/string.rb

@@ -41,6 +41,10 @@ class String
   # @return [String]
   #   The HTML escaped String.
   #
+  # @example
+  #   "one & two".html_escape
+  #   # => "one & two"
+  #
   # @see http://rubydoc.info/stdlib/cgi/1.9.2/CGI.escapeHTML
   #
   # @since 0.2.0
@@ -57,6 +61,10 @@ class String
   # @return [String]
   #   The unescaped String.
   #
+  # @example
+  #   "<p>one <span>two</span></p>".html_unescape
+  #   # => "<p>one <span>two</span></p>"
+  #
   # @see http://rubydoc.info/stdlib/cgi/1.9.2/CGI.unescapeHTML
   #
   # @since 0.2.0
@@ -76,6 +84,10 @@ class String
   # @return [String]
   #   The formatted HTML String.
   #
+  # @example
+  #   "abc".format_html
+  #   # => "&#97;&#98;&#99;"
+  #
   # @see Integer#format_html
   #
   # @since 0.2.0
@@ -83,12 +95,14 @@ class String
   # @api public
   #
   def format_html(options={})
-    if RUBY_VERSION < '1.9.'
-      # String#ord was not backported to Rub 1.8.7
-      format_chars(options) { |c| c[0].format_html }
-    else
-      format_chars(options) { |c| c.ord.format_html }
-    end
+    formatter = if RUBY_VERSION < '1.9.'
+                  # String#ord was not backported to Ruby 1.8.7
+                  lambda { |c| c[0].format_html }
+                else
+                  lambda { |c| c.ord.format_html }
+                end
+
+    format_chars(options,&formatter)
   end
 
   #
@@ -101,8 +115,8 @@ class String
   #   The JavaScript escaped String.
   #
   # @example
-  #   "hello".js_escape
-  #   # => "%u0068%u0065%u006C%u006C%u006F"
+  #   "hello\nworld\n".js_escape
+  #   # => "hello\\nworld\\n"
   #
   # @see Integer#js_escape
   #
@@ -111,12 +125,14 @@ class String
   # @api public
   #
   def js_escape(options={})
-    if RUBY_VERSION < '1.9.'
-      # String#ord was not backported to Rub 1.8.7
-      format_chars(options) { |c| c[0].js_escape }
-    else
-      format_chars(options) { |c| c.ord.js_escape }
-    end
+    formatter = if RUBY_VERSION < '1.9.'
+                  # String#ord was not backported to Rub 1.8.7
+                  lambda { |c| c[0].js_escape }
+                else
+                  lambda { |c| c.ord.js_escape }
+                end
+
+    format_chars(options,&formatter)
   end
 
   #
@@ -126,7 +142,7 @@ class String
   #   The unescaped JavaScript String.
   #
   # @example
-  #   "%u0068%u0065%u006C%u006C%u006F world".js_unescape
+  #   "\\u0068\\u0065\\u006C\\u006C\\u006F world".js_unescape
   #   # => "hello world"
   #
   # @since 0.2.0
@@ -139,15 +155,16 @@ class String
     scan(/([\\%]u[0-9a-fA-F]{4}|[\\%][0-9a-fA-F]{2}|\\[btnfr"\\]|.)/).each do |match|
       c = match[0]
 
-      if c.length == 6
-        unescaped << c[2,4].to_i(16)
-      elsif c.length == 3
-        unescaped << c[1,2].to_i(16)
-      elsif c.length == 2
-        unescaped << JS_BACKSLASHED_CHARS[c]
-      else
-        unescaped << c
-      end
+      unescaped << case c.length
+                   when 6
+                     c[2,4].to_i(16)
+                   when 3
+                     c[1,2].to_i(16)
+                   when 2
+                     JS_BACKSLASHED_CHARS[c]
+                   else
+                     c
+                   end
     end
 
     return unescaped
@@ -164,7 +181,7 @@ class String
   #
   # @example
   #   "hello".js_escape
-  #   # => "%u0068%u0065%u006C%u006C%u006F"
+  #   # => "\\u0068\\u0065\\u006C\\u006C\\u006F"
   #
   # @see Integer#js_escape
   #
@@ -173,12 +190,14 @@ class String
   # @api public
   #
   def format_js(options={})
-    if RUBY_VERSION < '1.9.'
-      # String#ord was not backported to Rub 1.8.7
-      format_chars(options) { |c| c[0].format_js }
-    else
-      format_chars(options) { |c| c.ord.format_js }
-    end
+    formatter = if RUBY_VERSION < '1.9.'
+                  # String#ord was not backported to Rub 1.8.7
+                  lambda { |c| c[0].format_js }
+                else
+                  lambda { |c| c.ord.format_js }
+                end
+
+    format_chars(options,&formatter)
   end
 
 end

data/lib/ronin/formatting/extensions/http/integer.rb

@@ -31,7 +31,7 @@ class Integer
   # @api public
   #
   def uri_encode
-    URI.encode(self.chr)
+    URI.encode(chr)
   end
 
   #
@@ -40,10 +40,14 @@ class Integer
   # @return [String]
   #   The URI escaped byte.
   #
+  # @example
+  #   0x3d.uri_escape
+  #   # => "%3D"
+  #
   # @api public
   #
   def uri_escape
-    CGI.escape(self.chr)
+    CGI.escape(chr)
   end
 
   #
@@ -52,6 +56,10 @@ class Integer
   # @return [String]
   #   The formatted byte.
   #
+  # @example
+  #   0x41.format_http
+  #   # => "%41"
+  #
   # @api public
   #
   def format_http

data/lib/ronin/formatting/extensions/sql.rb

@@ -0,0 +1,20 @@
+#
+# Copyright (c) 2006-2011 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This file is part of Ronin Support.
+#
+# Ronin Support is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ronin Support is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with Ronin Support.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+require 'ronin/formatting/extensions/sql/string'

data/lib/ronin/formatting/extensions/sql/string.rb

@@ -0,0 +1,98 @@
+#
+# Copyright (c) 2006-2011 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This file is part of Ronin Support.
+#
+# Ronin Support is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ronin Support is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with Ronin Support.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+class String
+
+  #
+  # Escapes an String for SQL.
+  #
+  # @param [Symbol] quotes (:single)
+  #   Specifies whether to create a single or double quoted string.
+  #   May be either `:single` or `:double`.
+  #
+  # @return [String]
+  #   The escaped String.
+  #
+  # @raise [ArgumentError]
+  #   The quotes argument was neither `:single` nor `:double`.
+  #
+  # @example
+  #   "O'Brian".sql_escape
+  #   # => "'O''Brian'"
+  #
+  # @since 0.3.0
+  #
+  def sql_escape(quotes=:single)
+    case quotes
+    when :single
+      "'#{gsub(/'/,"''")}'"
+    when :double
+      "\"#{gsub(/"/,'""')}\""
+    else
+      raise(ArgumentError,"invalid quoting style #{quotes.inspect}")
+    end
+  end
+
+  #
+  # Returns the SQL hex-string encoded form of the String.
+  #
+  # @example
+  #   "/etc/passwd".sql_encode
+  #   # => "0x2f6574632f706173737764"
+  #
+  def sql_encode
+    return '' if empty?
+
+    hex_string = '0x'
+
+    each_byte do |b|
+      hex_string << ('%.2x' % b)
+    end
+
+    return hex_string
+  end
+
+  #
+  # Returns the SQL decoded form of the String.
+  #
+  # @example
+  #   "'Conan O''Brian'".sql_decode
+  #   # => "Conan O'Brian"
+  #
+  # @example
+  #  "0x2f6574632f706173737764".sql_decode
+  #  # => "/etc/passwd"
+  #
+  def sql_decode
+    if ((self[0...2] == '0x') && (length % 2 == 0))
+      raw = ''
+
+      self[2..-1].scan(/[0-9a-fA-F]{2}/).each do |hex_char|
+        raw << hex_char.hex.chr
+      end
+
+      return raw
+    elsif (self[0..0] == "'" && self[-1..-1] == "'")
+      self[1..-2].gsub("\\'","'").gsub("''","'")
+    else
+      return self
+    end
+  end
+
+end

data/lib/ronin/formatting/extensions/text/array.rb

@@ -37,15 +37,17 @@ class Array
   # @api public
   #
   def bytes
-    self.inject([]) do |accum,elem|
-      if elem.kind_of?(Integer)
-        accum << elem
+    bytes = []
+
+    each do |element|
+      if element.kind_of?(Integer)
+        bytes << element
       else
-        elem.to_s.each_byte { |b| accum << b }
+        element.to_s.each_byte { |b| bytes << b }
       end
-
-      accum
     end
+
+    return bytes
   end
 
   #
@@ -62,7 +64,7 @@ class Array
   # @api public
   #
   def chars
-    array_bytes = self.bytes
+    array_bytes = bytes
 
     array_bytes.map! { |b| b.chr }
     return array_bytes
@@ -100,7 +102,7 @@ class Array
   # @api public
   #
   def hex_chars
-    array_bytes = self.bytes
+    array_bytes = bytes
     
     array_bytes.map! { |b| '\x%x' % b }
     return array_bytes
@@ -124,7 +126,7 @@ class Array
   # @api public
   #
   def hex_integers
-    array_bytes = self.bytes
+    array_bytes = bytes
     
     array_bytes.map! { |b| '0x%x' % b }
     return array_bytes

data/lib/ronin/formatting/extensions/text/string.rb

@@ -17,10 +17,190 @@
 # along with Ronin Support.  If not, see <http://www.gnu.org/licenses/>.
 #
 
+require 'combinatorics/list_comprehension'
+require 'combinatorics/generator'
+require 'chars'
 require 'set'
 
 class String
 
+  #
+  # Generate permutations of Strings from a format template.
+  #
+  # @param [Array(<String, Symbol, Enumerable>, <Integer, Enumerable>)] template
+  #   The template which defines the string or character sets which will
+  #   make up parts of the String.
+  #
+  # @yield [string]
+  #   The given block will be passed each unique String.
+  #
+  # @yieldparam [String] string
+  #   A newly generated String.
+  #
+  # @return [Enumerator]
+  #   If no block is given, an Enumerator will be returned.
+  #
+  # @raise [ArgumentError]
+  #   A given character set name was unknown.
+  #
+  # @raise [TypeError]
+  #   A given string set was not a String, Symbol or Enumerable.
+  #   A given string set length was not an Integer or Enumerable.
+  #
+  # @example Generate Strings with ranges of repeating sub-strings.
+  #
+  # @example Generate Strings with three alpha chars and one numeric chars.
+  #   String.generate([:alpha, 3], :numeric) do |password|
+  #     puts password
+  #   end
+  #
+  # @example Generate Strings with two to four alpha chars.
+  #   String.generate([:alpha, 2..4]) do |password|
+  #     puts password
+  #   end
+  #
+  # @example Generate Strings using alpha and punctuation chars.
+  #   String.generate([Chars.alpha + Chars.punctuation, 4]) do |password|
+  #     puts password
+  #   end
+  #
+  # @example Generate Strings from a custom char set.
+  #   String.generate([['a', 'b', 'c'], 3], [['1', '2', '3'], 3]) do |password|
+  #     puts password
+  #   end
+  #
+  # @example Generate Strings containing known Strings.
+  #   String.generate("rock", [:numeric, 4]) do |password|
+  #     puts password
+  #   end
+  #
+  # @example Generate Strings with ranges of repeating sub-strings.
+  #   String.generate(['/AA', (1..100).step(5)]) do |path|
+  #     puts path
+  #   end
+  #
+  # @since 0.3.0
+  #
+  # @api public
+  #
+  def self.generate(*template)
+    return enum_for(:generate,*template) unless block_given?
+
+    sets = []
+
+    template.each do |pattern|
+      set, length = pattern
+      set = case set
+            when String
+              [set].each
+            when Symbol
+              name = set.to_s.upcase
+
+              unless Chars.const_defined?(name)
+                raise(ArgumentError,"unknown charset #{set.inspect}")
+              end
+
+              Chars.const_get(name).each_char
+            when Enumerable
+              Chars::CharSet.new(set).each_char
+            else
+              raise(TypeError,"set must be a String, Symbol or Enumerable")
+            end
+
+      case length
+      when Integer
+        length.times { sets << set.dup }
+      when Enumerable
+        sets << Combinatorics::Generator.new do |g|
+          length.each do |sublength|
+            superset = Array.new(sublength) { set.dup }
+
+            superset.comprehension { |strings| g.yield strings.join }
+          end
+        end
+      when nil
+        sets << set
+      else
+        raise(TypeError,"length must be an Integer or Enumerable")
+      end
+    end
+
+    sets.comprehension { |strings| yield strings.join }
+    return nil
+  end
+
+  #
+  # Incrementally fuzzes the String.
+  #
+  # @param [Hash{Regexp,String,Integer,Enumerable => #each}] mutations
+  #   Patterns and their substitutions.
+  #
+  # @yield [fuzz]
+  #   The given block will be passed every fuzzed String.
+  #
+  # @yieldparam [String] fuzz
+  #   A fuzzed String.
+  #
+  # @return [Enumerator]
+  #   If no block is given, an Enumerator will be returned.
+  #
+  # @example Replace every `e`, `i`, `o`, `u` with `(`, 100 `A`s and a `\0`:
+  #   "the quick brown fox".fuzz(/[eiou]/ => ['(', ('A' * 100), "\0"]) do |str|
+  #     p str
+  #   end
+  #
+  # @example {String.generate} with {String.fuzz}:
+  #   "GET /".fuzz('/' => String.generate(['A', 1..100])) do |str|
+  #     p str
+  #   end
+  #
+  # @since 0.3.0
+  #
+  # @api public
+  #
+  def fuzz(mutations={})
+    return enum_for(:fuzz,mutations) unless block_given?
+
+    mutations.each do |pattern,substitution|
+      pattern = case pattern
+                when Regexp
+                  pattern
+                when String
+                  Regexp.new(Regexp.escape(pattern))
+                when Integer
+                  Regexp.new(pattern.chr)
+                when Enumerable
+                  Regexp.union(pattern.map { |s| Regexp.escape(s.to_s) })
+                else
+                  raise(TypeError,"cannot convert #{pattern.inspect} to a Regexp")
+                end
+
+      scanner = StringScanner.new(self)
+      indices = []
+
+      while scanner.scan_until(pattern)
+        indices << [scanner.pos - scanner.matched_size, scanner.matched_size]
+      end
+
+      indices.each do |index,length|
+        substitution.each do |substitute|
+          substitute = case substitute
+                       when Proc
+                         substitute.call(self[index,length])
+                       when Integer
+                         substitute.chr
+                       else
+                         substitute.to_s
+                       end
+
+          fuzzed = dup
+          fuzzed[index,length] = substitute
+          yield fuzzed
+        end
+      end
+    end
+  end
+
   #
   # Creates a new String by formatting each byte.
   #
@@ -43,20 +223,23 @@ class String
   # @return [String]
   #   The formatted version of the String.
   #
+  # @example
+  #   "hello".format_bytes { |b| "%x" % b }
+  #   # => "68656c6c6f"
+  #
   # @api public
   #
   def format_bytes(options={})
-    included = options.fetch(:include,(0x00..0xff))
-    excluded = options.fetch(:exclude,Set[])
-
+    included  = (options[:include] || (0x00..0xff))
+    excluded  = (options[:exclude] || Set[])
     formatted = ''
 
-    self.each_byte do |b|
-      if (included.include?(b) && !excluded.include?(b))
-        formatted << yield(b)
-      else
-        formatted << b
-      end
+    each_byte do |b|
+      formatted << if (included.include?(b) && !excluded.include?(b))
+                     yield(b)
+                   else
+                     b
+                   end
     end
 
     return formatted
@@ -84,12 +267,15 @@ class String
   # @return [String]
   #   The formatted version of the String.
   #
+  # @example
+  #   "hello".format_chars { |c| c * 3 }
+  #   # => "hhheeellllllooo"
+  #
   # @api public
   #
   def format_chars(options={})
-    included = options.fetch(:include,/./m)
-    excluded = options.fetch(:exclude,Set[])
-
+    included  = (options[:include] || /./m)
+    excluded  = (options[:exclude] || Set[])
     formatted = ''
 
     matches = lambda { |filter,c|
@@ -97,17 +283,15 @@ class String
         filter.include?(c)
       elsif filter.kind_of?(Regexp)
         c =~ filter
-      else
-        false
       end
     }
 
-    self.each_char do |c|
-      if (matches[included,c] && !matches[excluded,c])
-        formatted << yield(c)
-      else
-        formatted << c
-      end
+    each_char do |c|
+      formatted << if (matches[included,c] && !matches[excluded,c])
+                     yield(c)
+                   else
+                     c
+                   end
     end
 
     return formatted
@@ -162,8 +346,8 @@ class String
   # @api public
   #
   def insert_before(pattern,data)
-    string = self.dup
-    index = string.index(pattern)
+    string = dup
+    index  = string.index(pattern)
 
     string.insert(index,data) if index
     return string
@@ -184,8 +368,8 @@ class String
   # @api public
   #
   def insert_after(pattern,data)
-    string = self.dup
-    match = string.match(pattern)
+    string = dup
+    match  = string.match(pattern)
 
     if match
       index = match.end(match.length - 1)
@@ -215,19 +399,19 @@ class String
   #
   # @api public
   #
-  def pad(padding,max_length=self.length)
+  def pad(padding,max_length=length)
     padding = padding.to_s
 
-    if max_length >= self.length
-      max_length -= self.length
+    if max_length > length
+      max_length -= length
     else
       max_length = 0
     end
 
     padded = self + (padding * (max_length / padding.length))
 
-    unless (remaining = max_length % padding.length) == 0
-      padded << padding[0...remaining]
+    unless (remaining = (max_length % padding.length)) == 0
+      padded << padding[0,remaining]
     end
 
     return padded