Module: Msf::Exploit::SQLi

Defined in:
lib/msf/core/exploit/sqli.rb,
lib/msf/core/exploit/sqli/common.rb,
lib/msf/core/exploit/sqli/time_based_blind_mixin.rb,
lib/msf/core/exploit/sqli/boolean_based_blind_mixin.rb

Overview

This mixin provides helpers to perform SQL injection

  • provides a level of abstraction for common queries, for example, querying the table names

  • implements blind and time-based SQL injection in a reusable manner

  • Highly extendable (user can run any code to perform the requests, encode payloads and parse results)

Defined Under Namespace

Modules: BooleanBasedBlindMixin, MySQLi, PostgreSQLi, SQLitei, TimeBasedBlindMixin, Utils Classes: Common

Instance Method Summary collapse

Instance Method Details

#create_sqli(dbms:, opts: {}, &query_proc) ⇒ Object

Creates an SQL injection object, this is the method module writers should use

Parameters:

  • dbms (Class)

    The SQL injection class you intend to use

  • opts (Hash) (defaults to: {})

    The options to use with this SQL injection

  • query_proc (Proc)

    The proc that takes an SQL payload as a parameter, and queries the server

Returns:

  • (Object)

    an instance of dbms

Raises:

  • (ArgumentError)

25
26
27
28
29
# File 'lib/msf/core/exploit/sqli.rb', line 25

def create_sqli(dbms:, opts: {}, &query_proc)
  raise ArgumentError, 'Invalid dbms class' unless dbms.is_a?(Class) && dbms.ancestors.include?(Msf::Exploit::SQLi::Common)

  dbms.new(datastore, framework, user_output, opts, &query_proc)
end

#initialize(info = {}) ⇒ Object


9
10
11
12
13
14
15
16
# File 'lib/msf/core/exploit/sqli.rb', line 9

def initialize(info = {})
  super
  register_advanced_options(
    [
      OptFloat.new('SqliDelay', [ false, 'The delay to sleep on time-based blind SQL injections', 1.0 ])
    ]
  )
end