Class: Ronin::Vulns::CLI::Commands::Sqli Private

Inherits: WebVulnCommand
Defined in: lib/ronin/vulns/cli/commands/sqli.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Scans URL(s) for SQL injection (SQLi) vulnerabilities.

Usage

ronin-vulns sqli [options] {URL ... | --input FILE}

Options

    --db NAME                    The database to connect to (Default: default)
    --db-uri URI                 The database URI to connect to
    --db-file PATH               The sqlite3 database file to use
    --import                     Imports discovered vulnerabilities into the database
    --first                      Only find the first vulnerability for each URL
-A, --all                        Find all vulnerabilities for each URL
    --print-curl                 Also prints an example curl command for each vulnerability
    --print-http                 Also prints an example HTTP request for each vulnerability
-M COPY|DELETE|GET|HEAD|LOCK|MKCOL|MOVE|OPTIONS|PATCH|POST|PROPFIND|PROPPATCH|PUT|TRACE|UNLOCK,
    --request-method             The HTTP request method to use
-H, --header "Name: value"       Sets an additional header
-U, --user-agent-string STRING   Sets the User-Agent header
-u chrome-linux|chrome-macos|chrome-windows|chrome-iphone|chrome-ipad|chrome-android|firefox-linux|firefox-macos|firefox-windows|firefox-iphone|firefox-ipad|firefox-android|safari-macos|safari-iphone|safari-ipad|edge,
    --user-agent                 Sets the User-Agent to use
-C, --cookie COOKIE              Sets the raw Cookie header
-c, --cookie-param NAME=VALUE    Sets an additional cookie param
-R, --referer URL                Sets the Referer header
-F, --form-param NAME=VALUE      Sets an additional form param
    --test-query-param NAME      Tests the URL query param name
    --test-all-query-params      Test all URL query param names
    --test-header-name NAME      Tests the HTTP Header name
    --test-cookie-param NAME     Tests the HTTP Cookie name
    --test-all-cookie-params     Test all Cookie param names
    --test-form-param NAME       Tests the form param name
    --test-all-form-params       Test all form param names
-i, --input FILE                 Reads URLs from the list file
-Q, --escape-quote               Escapes quotation marks
-P, --escape-parens              Escapes parenthesis
-T, --terminate                  Terminates the SQL expression with a --
-h, --help                       Print help information

Arguments

[URL ...]                        The URL(s) to scan

Constant Summary

Constants included from Printing

Printing::VULN_TYPES

Instance Attribute Summary

Attributes inherited from WebVulnCommand

#scan_kwargs, #scan_mode

Instance Method Summary

Methods inherited from WebVulnCommand

#cookie, #form_data, #headers, #initialize, #print_vuln, #print_vulns, #process_url, #process_vuln, #referer, #referer=, #request_method, #request_method=, #run, #test_cookie_params, #test_cookie_params=, #test_form_params, #test_form_params=, #test_header_names, #test_query_params, #test_query_params=, #user_agent, #user_agent=

Methods included from Importable

#import_vuln, included

Methods included from Printing

#log_vuln, #print_vuln, #print_vulns, #vuln_param_name, #vuln_param_type, #vuln_type

Constructor Details

This class inherits a constructor from Ronin::Vulns::CLI::WebVulnCommand

Instance Method Details

#scan_url(url) {|vuln| ... } ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Scans a URL for SQLi vulnerabilities.

Parameters:

  • url (String)

    The URL to scan.

Yields:

  • (vuln)

    The given block will be passed each discovered SQLi vulnerability.

Yield Parameters:

  • vuln (Vulns::SQLI)

    A SQLi vulnerability discovered on the URL.

# File 'lib/ronin/vulns/cli/commands/sqli.rb', line 104

# Delegates to Vulns::SQLI.scan, forwarding the scan options assembled
# from the CLI flags (scan_kwargs) and the block that receives each vuln.
def scan_url(url,&block)
  Vulns::SQLI.scan(url,**scan_kwargs,&block)
end

#test_url(url, &block) ⇒ Vulns::SQLI?

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Tests a URL for SQLi vulnerabilities.

Parameters:

  • url (String)

    The URL to test.

Returns:

  • (Vulns::SQLI, nil)

    The first SQLi vulnerability discovered on the URL.

# File 'lib/ronin/vulns/cli/commands/sqli.rb', line 117

# Delegates to Vulns::SQLI.test with the same scan options; the block
# argument is accepted for interface parity with #scan_url but is not
# passed on, since #test returns only the first vulnerability (or nil).
def test_url(url,&block)
  Vulns::SQLI.test(url,**scan_kwargs)
end