- Added {Ronin::SQL::InjectionExpr}, so that statements specified within
and { }
,or { }
blocks would not be appending to the {Ronin::SQL::Injection} object. - Made {Ronin::SQL::Field} emittable.
- Added {Ronin::SQL::Emitter#emit_argument}, so that any sub-statements will
be wrapped in
( )
. - Improved {Ronin::SQL::Emitter#emit_field}.
- Fixed {Ronin::SQL::Emitter#emit} to pass {Ronin::SQL::Function}s to {Ronin::SQL::Emitter#emit_function}.
- Require Ruby >= 1.9.1.
- No longer require ronin.
- No longer require ronin-web.
- Added {String#sql_unescape}.
- Moved {String#sql_escape}, {String#sql_encode} and {String#sql_decode} from [ronin-support].
- Refactored the {Ronin::SQL SQL} DSL to be more like
ARel.
- Moved the DSL from
Ronin::Code::SQL
into {Ronin::SQL}.
- Moved the DSL from
- Removed
Ronin::SQL::Error
. - Removed
String#sql_error
. - Removed
String#sql_error?
. - Removed
URI::HTTP.has_sql_errors?
. - Removed
URI::HTTP.sql_error
. - Removed
URI::HTTP.sql_errors
.
- Require ronin >= 0.3.0.
- Require ronin-web >= 0.2.0.
- Require rspec >= 1.1.12.
- Require yard >= 0.2.3.5.
- Updated the project summary and 3-point description for Ronin SQL.
- Moved to YARD based documentation.
- Fixed a formatting issue in the README.txt file, which was causing RDoc to crash.
- Use Hoe >= 2.0.0.
- Require ronin >= 0.2.4.
- Require ronin-web >= 0.1.3.
- Use Ronin::Scanners::Scanner to define the scanner for finding Ronin::SQL::Injection objects for URI::HTTP urls.
- Added more specs.
- Depend on the new ronin-web library.
- Replace Hpricot with Nokogiri.
- Use the new Ronin::Web::Spider, instead of directly using Spidr.
- Use the new Nokogiri extensions from ronin-web.
- Added missing files to the Manifest.
- Require Ronin >= 0.1.3.
- Refactored Ronin::Code::SQL.
- Implemented a token emitter system.
- Support common SQL expression modifiers.
- Support common SQL clauses.
- Allow for injecting arbitrary SQL clauses.
- Added more SQL Injection test generators.
- all_rows:
OR 1 = 1
- exact_rows:
AND 1 = 1
- no_rows:
AND 1 = 0
- has_column?(column):
OR column IS NOT NULL
- has_table?(table):
AND (SELECT FROM table count(*) == 1)
- uses_column?(column):
GROUP BY column HAVING 1 = 1
- uses_table?(table):
OR table IS NOT NULL
- all_rows:
- Removed references to Ronin::Vulnerable.
- Added more specs:
- Specs for most of Ronin::Code::SQL.
- Specs on Ronin::SQL::Error and the SQL encoding/decoding extensions for the String class.
- Trivial bug fix to URI::HTTP#sql_errors.
- Initial release.
- Supports SQL code generation.
- Supports obfustication of SQL code.
- Supports SQL Injection code generation.