Sha256: da0344550ab1021f97c248370cfc5357b0c8da985d99f5b970cc54aae9d06a90

Contents?: true

Size: 830 Bytes

Versions: 2

Compression:

Stored size: 830 Bytes

Contents

require 'ronin/sql/extensions/uri/http'

require 'spec_helper'

# Examples for the SQL-injection helpers that requiring
# 'ronin/sql/extensions/uri/http' makes available on URI::HTTP.
#
# NOTE(review): the fixture URL names an external host (presumably a public,
# deliberately vulnerable demo application -- confirm), and the helpers under
# test appear to probe it over HTTP. If so, this group needs outbound network
# access and its results depend on the remote page still answering the same
# way; stubbing the HTTP layer, or tagging the group so offline/CI runs can
# exclude it, would make the examples deterministic.
describe URI::HTTP do
  # Built once for the whole group; every example reads the same URI object.
  before(:all) { @url = URI('http://testasp.acunetix.com/showthread.asp?id=2') }

  it "should determine which query params have SQL errors" do
    # The expected hash maps the query param name to the value it carries
    # in the fixture URL.
    flagged = @url.sql_errors

    flagged.should == {'id' => '2'}
  end

  it "should find all SQL injections" do
    found = @url.sql_injections

    # The fixture URL carries a single query param; a single result is expected.
    found.length.should == 1

    hit = found.first
    hit.param.should == 'id'
    hit.sql_options[:escape].should == '2'
  end

  it "should find the first working SQL injection" do
    hit = @url.sql_injection

    # Same expectations as the first element of the full list above.
    hit.param.should == 'id'
    hit.sql_options[:escape].should == '2'
  end

  it "should determine if a URL is vulnerable to SQL injection" do
    vulnerable = @url.has_sql_injections?

    # Strict comparison against true, not mere truthiness.
    vulnerable.should == true
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
ronin-sql-0.2.4 spec/sql/extensions/uri/http_spec.rb
ronin-sql-0.2.3 spec/sql/extensions/uri/http_spec.rb