Collaboration diagram for src.lib.sql.sql_injection.SQLInjection:

Public Member Functions
None	__init__ (self, int error=84, int success=0, bool debug=False)

bool	check_if_symbol_sql_injection (self, Union[str, List[str]] string)

bool	check_if_command_sql_injection (self, Union[str, List[str]] string)

bool	check_if_logic_gate_sql_injection (self, Union[str, List[str]] string)

bool	check_if_symbol_and_command_injection (self, Union[str, List[str]] string)

bool	check_if_symbol_and_logic_gate_injection (self, Union[str, List[str]] string)

bool	check_if_command_and_logic_gate_injection (self, Union[str, List[str]] string)

bool	check_if_sql_injection (self, Union[str, List[str]] string)

bool	check_if_injections_in_strings (self, Union[str, List[str], List[List[str]]] array_of_strings)

int	run_test (self, str title, List[str] array, object function, bool expected_response=False, int global_status=0)

int	test_injection_class (self)

Data Fields
bool	debug = debug

int	error = error

int	success = success

Disp	disp

tuple	injection_err = (-1)

str	injection_message = "Injection attempt detected"

list	symbols = [';', '--', '/', '/']

list	keywords

List[str]	command = self.keywords

list	logic_gates = ['OR', 'AND', 'NOT']

list	all = []

str	symbols = "(check_if_symbol_sql_injection) string must be a string or a List of strings"

str	keywords = "(check_if_command_sql_injection) string must be a string or a List of strings"

str	logic_gates = "(check_if_logic_gate_sql_injection) string must be a string or a List of strings"

str	all = "(check_if_sql_injection) string must be a string or a List of strings"

Protected Member Functions
None	_perror (self, str string="")

bool	_is_base64 (self, str string)

Detailed Description

 Check if an sql injection is present

Definition at line 16 of file sql_injection.py.

Constructor & Destructor Documentation

◆ init()

None src.lib.sql.sql_injection.SQLInjection.__init__	(		self,
		int	error = 84,
		int	success = 0,
		bool	debug = False )

Definition at line 19 of file sql_injection.py.

Member Function Documentation

◆ _is_base64()

bool src.lib.sql.sql_injection.SQLInjection._is_base64	(		self,
		str	string )

protected

 Check if a string is base64 encoded

Definition at line 51 of file sql_injection.py.

◆ _perror()

None src.lib.sql.sql_injection.SQLInjection._perror	(		self,
		str	string = "" )

protected

 Print an error message

Definition at line 47 of file sql_injection.py.

◆ check_if_command_and_logic_gate_injection()

bool src.lib.sql.sql_injection.SQLInjection.check_if_command_and_logic_gate_injection	(		self,
		Union[str, List[str]]	string )

 Check if command and logic gates are the source of the injection

Definition at line 144 of file sql_injection.py.

◆ check_if_command_sql_injection()

bool src.lib.sql.sql_injection.SQLInjection.check_if_command_sql_injection	(		self,
		Union[str, List[str]]	string )

 Check if sql keywords are present

Definition at line 82 of file sql_injection.py.

◆ check_if_injections_in_strings()

bool src.lib.sql.sql_injection.SQLInjection.check_if_injections_in_strings	(		self,
		Union[str, List[str], List[List[str]]]	array_of_strings )

 Check if there is an injection in the provided array of strings

Definition at line 171 of file sql_injection.py.

◆ check_if_logic_gate_sql_injection()

bool src.lib.sql.sql_injection.SQLInjection.check_if_logic_gate_sql_injection	(		self,
		Union[str, List[str]]	string )

 Check if a logic gate is present

Definition at line 107 of file sql_injection.py.

◆ check_if_sql_injection()

bool src.lib.sql.sql_injection.SQLInjection.check_if_sql_injection	(		self,
		Union[str, List[str]]	string )

 Check if there is an sql injection, uses all the parameters

Definition at line 152 of file sql_injection.py.

◆ check_if_symbol_and_command_injection()

bool src.lib.sql.sql_injection.SQLInjection.check_if_symbol_and_command_injection	(		self,
		Union[str, List[str]]	string )

 Check if symbols and commands are the source of the injection

Definition at line 128 of file sql_injection.py.

◆ check_if_symbol_and_logic_gate_injection()

bool src.lib.sql.sql_injection.SQLInjection.check_if_symbol_and_logic_gate_injection	(		self,
		Union[str, List[str]]	string )

 Check if symbols and logic gates are the source of the injection

Definition at line 136 of file sql_injection.py.

◆ check_if_symbol_sql_injection()

bool src.lib.sql.sql_injection.SQLInjection.check_if_symbol_sql_injection	(		self,
		Union[str, List[str]]	string )

 Check if symbols are the source of the injection

Definition at line 59 of file sql_injection.py.

◆ run_test()

int src.lib.sql.sql_injection.SQLInjection.run_test	(		self,
		str	title,
		List[str]	array,
		object	function,
		bool	expected_response = False,
		int	global_status = 0 )

 Run a test and return it's status

Definition at line 195 of file sql_injection.py.

◆ test_injection_class()

int src.lib.sql.sql_injection.SQLInjection.test_injection_class ( self )

 Test the injection class

Definition at line 209 of file sql_injection.py.

Field Documentation

◆ all [1/2]

list src.lib.sql.sql_injection.SQLInjection.all = []

Definition at line 42 of file sql_injection.py.

◆ all [2/2]

str src.lib.sql.sql_injection.SQLInjection.all = "(check_if_sql_injection) string must be a string or a List of strings"

Definition at line 162 of file sql_injection.py.

◆ command

List[str] src.lib.sql.sql_injection.SQLInjection.command = self.keywords

Definition at line 40 of file sql_injection.py.

◆ debug

bool src.lib.sql.sql_injection.SQLInjection.debug = debug

Definition at line 21 of file sql_injection.py.

◆ disp

Disp src.lib.sql.sql_injection.SQLInjection.disp

Initial value:

=  Disp(
            TOML_CONF,
            SAVE_TO_FILE,
            FILE_NAME,
            self.debug,
            logger=self.__class__.__name__
        )

Definition at line 25 of file sql_injection.py.

◆ error

int src.lib.sql.sql_injection.SQLInjection.error = error

Definition at line 22 of file sql_injection.py.

◆ injection_err

tuple src.lib.sql.sql_injection.SQLInjection.injection_err = (-1)

Definition at line 33 of file sql_injection.py.

◆ injection_message

str src.lib.sql.sql_injection.SQLInjection.injection_message = "Injection attempt detected"

Definition at line 34 of file sql_injection.py.

◆ keywords [1/2]

src.lib.sql.sql_injection.SQLInjection.keywords

Initial value:

=  [
            'SELECT', 'INSERT', 'UPDATE', 'DELETE',
            'DROP', 'CREATE', 'ALTER', 'TABLE', 'UNION', 'JOIN', 'WHERE'
        ]

Definition at line 36 of file sql_injection.py.

◆ keywords [2/2]

str src.lib.sql.sql_injection.SQLInjection.keywords = "(check_if_command_sql_injection) string must be a string or a List of strings"

Definition at line 94 of file sql_injection.py.

◆ logic_gates [1/2]

list src.lib.sql.sql_injection.SQLInjection.logic_gates = ['OR', 'AND', 'NOT']

Definition at line 41 of file sql_injection.py.

◆ logic_gates [2/2]

str src.lib.sql.sql_injection.SQLInjection.logic_gates = "(check_if_logic_gate_sql_injection) string must be a string or a List of strings"

Definition at line 115 of file sql_injection.py.

◆ success

int src.lib.sql.sql_injection.SQLInjection.success = success

Definition at line 23 of file sql_injection.py.

◆ symbols [1/2]

src.lib.sql.sql_injection.SQLInjection.symbols = [';', '--', '/*', '*/']

Definition at line 35 of file sql_injection.py.

◆ symbols [2/2]

str src.lib.sql.sql_injection.SQLInjection.symbols = "(check_if_symbol_sql_injection) string must be a string or a List of strings"

Definition at line 69 of file sql_injection.py.

The documentation for this class was generated from the following file:

app/back/server/src/lib/sql/sql_injection.py

Public Member Functions

Data Fields

Protected Member Functions