Class: Aikido::Zen::Attacks::SQLInjectionAttack

Inherits:

Aikido::Zen::Attack

• Object
• Aikido::Zen::Attack
• Aikido::Zen::Attacks::SQLInjectionAttack

Defined in:

lib/aikido/zen/attack.rb

Instance Attribute Summary

• #dialect ⇒ Object readonly

  Returns the value of attribute dialect.

• #input ⇒ Object readonly

  Returns the value of attribute input.

• #query ⇒ Object readonly

  Returns the value of attribute query.

Attributes inherited from Aikido::Zen::Attack

#context, #operation, #sink

Instance Method Summary

• #exception ⇒ Object
• #humanized_name ⇒ Object
• #initialize(query:, input:, dialect:, **opts) ⇒ SQLInjectionAttack constructor

  A new instance of SQLInjectionAttack.

• #kind ⇒ Object
• #metadata ⇒ Object

Methods inherited from Aikido::Zen::Attack

#as_json, #blocked?, #will_be_blocked!

Constructor Details

#initialize(query:, input:, dialect:, **opts) ⇒ SQLInjectionAttack

Returns a new instance of SQLInjectionAttack.

# File 'lib/aikido/zen/attack.rb', line 120

def initialize(query:, input:, dialect:, **opts)
  super(**opts)
  @query = query
  @input = input
  @dialect = dialect
end

Instance Attribute Details

#dialect ⇒ Object (readonly)

Returns the value of attribute dialect.

# File 'lib/aikido/zen/attack.rb', line 118

def dialect
  @dialect
end

#input ⇒ Object (readonly)

Returns the value of attribute input.

# File 'lib/aikido/zen/attack.rb', line 117

def input
  @input
end

#query ⇒ Object (readonly)

Returns the value of attribute query.

# File 'lib/aikido/zen/attack.rb', line 116

def query
  @query
end

Instance Method Details

#exception ⇒ Object

# File 'lib/aikido/zen/attack.rb', line 139

def exception(*)
  SQLInjectionError.new(self)
end

#humanized_name ⇒ Object

# File 'lib/aikido/zen/attack.rb', line 127

def humanized_name
  "SQL injection"
end

#kind ⇒ Object

# File 'lib/aikido/zen/attack.rb', line 131

def kind
  "sql_injection"
end

#metadata ⇒ Object

# File 'lib/aikido/zen/attack.rb', line 135

def metadata
  {sql: @query}
end