ATACKPR
/
public-inputvalidation-sqlparser
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
1 Commit
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
public-inputvalidation-sqlp.../InjectionParserTest.py

InjectionParserTest.py 1.1KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 
  1. from SQLInjection import *

  2. 

  3. if __name__ == '__main__':

  4. 

  5. 	sqlI = SQLInjection()

  6. 

  7. 	# Test 1

  8. 	sample = """select cat from dog where casa=1 ;"""

  9. 	u_input =  """select cat from dog where casa=2 ;"""

  10. 

  11. 

  12. 	print "Test 1"

  13. 	print "Sample:  ", sample

  14. 	print "User In: ", u_input

  15. 	print "Is Valid?: ", sqlI.validateParser(sample, u_input)

  16. 	print

  17. 

  18. 	# Test 2

  19. 

  20. 	u_input = """select cat from dog where casa=1 and cat="miau" ;"""

  21. 	print "Test 1"

  22. 	print "Sample:  ", sample

  23. 	print "User In: ", u_input

  24. 	print "Is Valid?: ", sqlI.validateParser(sample, u_input)

  25. 	print

  26. 

  27. 	# Interactive Example with user input

  28. 

  29. 	print "Follow the instruction and then try to inject SQL."

  30. 

  31. 	while True:

  32. 		try: 

  33. 			s = raw_input("Input a number> ")

  34. 		except EOFError:

  35. 			break

  36. 

  37. 		u_input = """select cat from dog where casa=%s ;""" %s

  38. 		print "User query: %s" % u_input

  39. 

  40. 		try:

  41. 			print "Is Valid?: ", sqlI.validateParser(sample, u_input)

  42. 			s_ast, u_ast = sqlI.getLastAsts()

  43. 			print "Sample AST: "

  44. 			sqlI.print_ast(s_ast)

  45. 			print

  46. 			print "User   AST: "

  47. 			sqlI.print_ast(u_ast)

  48. 			print 

  49. 		except:

  50. 			print "False"

  51. 

  52. 

  53.