Module: PWN::Plugins::DAOSQLite3

Defined in:
lib/pwn/plugins/dao_sqlite3.rb

Overview

This plugin is a data access object used for interacting w/ SQLite3 databases.

Class Method Summary collapse

Class Method Details

.authorsObject

Author(s)

0day Inc. <[email protected]>



100
101
102
103
104
 
# File 'lib/pwn/plugins/dao_sqlite3.rb', line 100

public_class_method def self.authors
  "AUTHOR(S):
    0day Inc. <[email protected]>
  "
end

.connect(opts = {}) ⇒ Object

Supported Method Parameters

PWN::Plugins::DAOSQLite3.connect(

db_path: 'Required - Path of SQLite3 DB File'

)



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
 
# File 'lib/pwn/plugins/dao_sqlite3.rb', line 15

public_class_method def self.connect(opts = {})
  db_path = opts[:db_path]

  sqlite3_conn = SQLite3::Database.new(db_path)
  sqlite3_conn.results_as_hash = true
  # Be sure to enable foreign key support for each connection
  sql_enable_fk = 'PRAGMA foreign_keys = ON;'
  res = sql_statement(
    sqlite3_conn: sqlite3_conn,
    prepared_statement: sql_enable_fk
  )
  # TODO: better handling since sqlite3 gem always returns SQLite3::Database
  # whether DB exists or not
  unless sqlite3_conn.instance_of?(SQLite3::Database)
    raise "
      Connection Error - class should be SQLite3::Database...received:
      sqlite3_conn = #{sqlite3_conn.inspect}
      sqlite3_conn.class = #{sqlite3_conn.class}
    "
  end

  sqlite3_conn
rescue StandardError => e
  raise e
end

.disconnect(opts = {}) ⇒ Object

Supported Method Parameters

PWN::Plugins::DAOSQLite3.disconnect(

sqlite3_conn: sqlite3_conn

)



89
90
91
92
93
94
95
96
 
# File 'lib/pwn/plugins/dao_sqlite3.rb', line 89

public_class_method def self.disconnect(opts = {})
  sqlite3_conn = opts[:sqlite3_conn]
  validate_sqlite3_conn(sqlite3_conn: sqlite3_conn)

  sqlite3_conn.close
rescue StandardError => e
  raise e
end

.helpObject

Display Usage for this Module



108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
 
# File 'lib/pwn/plugins/dao_sqlite3.rb', line 108

public_class_method def self.help
  puts "USAGE:
    sqlite3_conn = #{self}.connect(db_path: 'Required - Path of SQLite3 DB File')

    res = #{self}.sql_statement(
      sqlite3_conn: sqlite3_conn,
      prepared_statement: 'SELECT * FROM tn_users WHERE state = ?;',
      statement_params: ['Active']
    )

    #{self}.disconnect(:sqlite3_conn => sqlite3_conn)

    #{self}.authors
  "
end

.sql_statement(opts = {}) ⇒ Object

Supported Method Parameters

PWN::Plugins::DAOSQLite3.sql_statement(

sqlite3_conn: sqlite3_conn,
prepared_statement: 'SELECT * FROM tn_users WHERE state = ?;',
statement_params: ['Active']

)



60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
# File 'lib/pwn/plugins/dao_sqlite3.rb', line 60

public_class_method def self.sql_statement(opts = {})
  sqlite3_conn = opts[:sqlite3_conn]
  validate_sqlite3_conn(sqlite3_conn: sqlite3_conn)
  prepared_statement = opts[:prepared_statement] # Can also be leveraged for 'select * from user;'
  statement_params = opts[:statement_params] # << Array of Params
  raise "Error: :statement_params => #{statement_params.class}. Pass as an Array object" unless statement_params.instance_of?(Array) || statement_params.nil?

  begin
    if statement_params.nil?
      res = sqlite3_conn.execute(prepared_statement)
    else
      res = sqlite3_conn.execute(prepared_statement, statement_params)
    end
  rescue SQLite3::BusyException
    puts 'Database In Use - Retrying...'
    sleep 0.3
    retry
  end

  res
rescue StandardError => e
  raise e
end