Class: Aikido::Zen::Attacks::SQLInjectionAttack

Inherits:
Aikido::Zen::Attack show all
Defined in:
lib/aikido/zen/attack.rb

Instance Attribute Summary collapse

Attributes inherited from Aikido::Zen::Attack

#context, #operation, #sink

Instance Method Summary collapse

Methods inherited from Aikido::Zen::Attack

#as_json, #blocked?, #will_be_blocked!

Constructor Details

#initialize(query:, input:, dialect:, **opts) ⇒ SQLInjectionAttack

Returns a new instance of SQLInjectionAttack.



124
125
126
127
128
129
 
# File 'lib/aikido/zen/attack.rb', line 124

def initialize(query:, input:, dialect:, **opts)
  super(**opts)
  @query = query
  @input = input
  @dialect = dialect
end

Instance Attribute Details

#dialectObject (readonly)

Returns the value of attribute dialect.



122
123
124
 
# File 'lib/aikido/zen/attack.rb', line 122

def dialect
  @dialect
end

#inputObject (readonly)

Returns the value of attribute input.



121
122
123
 
# File 'lib/aikido/zen/attack.rb', line 121

def input
  @input
end

#queryObject (readonly)

Returns the value of attribute query.



120
121
122
 
# File 'lib/aikido/zen/attack.rb', line 120

def query
  @query
end

Instance Method Details

#exceptionObject 



146
147
148
 
# File 'lib/aikido/zen/attack.rb', line 146

def exception(*)
  SQLInjectionError.new(self)
end

#humanized_nameObject 



131
132
133
 
# File 'lib/aikido/zen/attack.rb', line 131

def humanized_name
  "SQL injection"
end

#kindObject 



135
136
137
 
# File 'lib/aikido/zen/attack.rb', line 135

def kind
  "sql_injection"
end

#metadataObject 



139
140
141
142
143
144
 
# File 'lib/aikido/zen/attack.rb', line 139

def metadata
  {
    sql: @query,
    dialect: @dialect.name
  }
end