ATACKPR
/
public-inputvalidation-sqllexer
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
1 Commit
1 Branch
Tree: 6b23255e40
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6b23255e40'
${ noResults }
public-inputvalidation-sqll.../SQLInjection.py

SQLInjection.py 933B
History Raw

123456789101112131415161718192021222324252627282930313233343536373839 
  1. 

  2. from SQLLexer import *

  3. 

  4. class SQLInjection():

  5. 

  6. 	def __init__(self):

  7. 			self.lexer = SQLLexer()

  8. 			self.lexer.build()

  9. 

  10. 			self.u_tok_counter = None

  11. 			self.s_tok_counter = None

  12. 

  13. 

  14. 	def validateLex(self, sample_sql, user_sql):

  15. 

  16. 		self.s_tok_counter = self.lexer.getTokensHash()

  17. 		self.u_tok_counter = self.lexer.getTokensHash()

  18. 

  19. 		for tok in self.lexer.tokenize(sample_sql):

  20. 	 		self.s_tok_counter[tok.type] += 1

  21. 

  22. 	 	for tok in self.lexer.tokenize(user_sql):

  23. 	 		self.u_tok_counter[tok.type] += 1

  24. 

  25. 	 	return self.s_tok_counter == self.u_tok_counter

  26. 

  27. 	def getLastTokCounters(self):

  28. 		return self.s_tok_counter, self.u_tok_counter

  29. 

  30. 

  31. if __name__ == '__main__':

  32. 

  33. 	sqlI = SQLInjection()

  34. 

  35. 	# Test 1

  36. 	print sqlI.validateLex("""select cat from dog where casa=1 ;""", """select cat from dog where casa=1 ;""")

  37. 

  38. 	# Test 2

  39. 	print sqlI.validateLex("""select cat from dog where casa=1 ;""", """select cat from dog where casa=1 and cat="miau" ;""")