checker

package

v0.0.0-...-dfe0916 Latest Latest Go to latest Published: Oct 23, 2022 License: MIT Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/flily/tisqli

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func IsFullInjection(node *syntax.Node, result *FullResult)
func URLDecode(s string) string
type Decoder
- func DefaultDecoders() *Decoder
- func NewDecoder(decoder ...func(string) string) *Decoder
- func (d *Decoder) Decode(s string) string
type FullChecker
- func DefaultFullChecker() *FullChecker
- func NewFullChecker(decoder *Decoder) *FullChecker
- func (c *FullChecker) Check(raw string) *FullResult
type FullElementResult
type FullResult
- func (r *FullResult) IsInjection() bool
type PartialChecker
- func DefaultPartialChecker() *PartialChecker
- func NewPartialChecker(templates []PartialSQLTemplate, decoder *Decoder) *PartialChecker
- func (c *PartialChecker) Check(raw string) *PartialResult
type PartialResult
- func (r *PartialResult) IsInjection() bool
type PartialSQLCheckResult
- func (r *PartialSQLCheckResult) SQL() string
- func (r *PartialSQLCheckResult) SQLInColour() string
type PartialSQLTemplate
- func (t PartialSQLTemplate) Build(input string) string
- func (t PartialSQLTemplate) Check(payload string) *PartialSQLCheckResult
- func (t PartialSQLTemplate) Correct() string

Constants ¶

View Source

const (
	FullCheckReasonOK                       = "ok"
	FullCheckReasonModified                 = "AST modified"
	FullCheckReasonMoreStatements           = "none or multiple SQls"
	FullCheckReasonSyntaxError              = "syntax error"
	FullCheckReasonConstantBinaryExpression = "constant binary expression"
	FullCheckReasonConstantSelectStatement  = "constant select statement"
)

View Source

const (
	PartialCheckReasonOK             = "ok"
	PartialCheckReasonModified       = "AST modified"
	PartialCheckReasonTemplateError  = "template error"
	PartialCheckReasonSyntaxError    = "syntax error"
	PartialCheckReasonMoreStatements = "none or multiple SQls"
)

Variables ¶

This section is empty.

Functions ¶

func IsFullInjection ¶

func IsFullInjection(node *syntax.Node, result *FullResult)

func URLDecode ¶

func URLDecode(s string) string

URLDecode decodes a string in URL encoding.

Types ¶

type Decoder ¶

type Decoder struct {
	Decoders []func(string) string
}

Decoder is a chain of decoders for SQL statements.

func DefaultDecoders ¶

func DefaultDecoders() *Decoder

DefaultDecoders returns the default decoders, with URLDecode.

func NewDecoder ¶

func NewDecoder(decoder ...func(string) string) *Decoder

NewDecoder creates a new decoder with the given decoders.

func (*Decoder) Decode ¶

func (d *Decoder) Decode(s string) string

type FullChecker ¶

type FullChecker struct {
	Decoder *Decoder
}

func DefaultFullChecker ¶

func DefaultFullChecker() *FullChecker

func NewFullChecker ¶

func NewFullChecker(decoder *Decoder) *FullChecker

func (*FullChecker) Check ¶

func (c *FullChecker) Check(raw string) *FullResult

type FullElementResult ¶

type FullElementResult struct {
	Reason string
	Text   string
}

type FullResult ¶

type FullResult struct {
	Err                     error
	Reason                  string
	Elements                []FullElementResult
	AllowMultipleStatements bool
}

func (*FullResult) IsInjection ¶

func (r *FullResult) IsInjection() bool

type PartialChecker ¶

type PartialChecker struct {
	Templates []PartialSQLTemplate
	Decoder   *Decoder
}

func DefaultPartialChecker ¶

func DefaultPartialChecker() *PartialChecker

DefaultPartialChecker Create a checker for partial SQL, with default templates and decoders.

func NewPartialChecker ¶

func NewPartialChecker(templates []PartialSQLTemplate, decoder *Decoder) *PartialChecker

NewPartialChecker Create a checker for partial SQL, with custom templates and decoders.

func (*PartialChecker) Check ¶

func (c *PartialChecker) Check(raw string) *PartialResult

Check checks if the payload is a SQL injection. Payload CAN BE encoded, and will be decoded before checking.

type PartialResult ¶

type PartialResult struct {
	Results []PartialSQLCheckResult
}

func (*PartialResult) IsInjection ¶

func (r *PartialResult) IsInjection() bool

IsInjection Is a SQL injection, at least one template is a SQL injection.

type PartialSQLCheckResult ¶

type PartialSQLCheckResult struct {
	IsInjection bool
	Template    string
	Payload     string
	Reason      string
	Err         error
	AstCorrect  []*syntax.Node
	AstPartial  []*syntax.Node
}

PartialSQLCheckResult is the result of partial SQL injection checking

func (*PartialSQLCheckResult) SQL ¶

func (r *PartialSQLCheckResult) SQL() string

func (*PartialSQLCheckResult) SQLInColour ¶

func (r *PartialSQLCheckResult) SQLInColour() string

type PartialSQLTemplate ¶

type PartialSQLTemplate struct {
	Template       string
	CorrectPayload string
}

PartialSQLTemplate is a template for partial SQL injection checking.

func (PartialSQLTemplate) Build ¶

func (t PartialSQLTemplate) Build(input string) string

func (PartialSQLTemplate) Check ¶

func (t PartialSQLTemplate) Check(payload string) *PartialSQLCheckResult

Check checks if the payload is a SQL injection. Payload MUST BE raw SQL text.

func (PartialSQLTemplate) Correct ¶

func (t PartialSQLTemplate) Correct() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL