Dealing with database is a required knowledge in web testing and here we will go though most known databases and how to deal with it in ruby.


  • Install sqlite3 gem

    gem install sqlite3

    You've have to have sqlite3 development libraries installed on your system

    apt-get install libsqlite3-dev
  • Basic operations

require "sqlite3"

# Open/Create a database
db = "rubyfu.db"

# Create a table
rows = db.execute <<-SQL
  CREATE TABLE attackers (
   name TEXT    NOT NULL,
   ip   CHAR(50)

# Execute a few inserts
  'Anonymous'    => "",
  'LulzSec'      => "",
  'Lizard Squad' => ""
}.each do |attacker, ip|
  db.execute("INSERT INTO attackers (name, ip)
              VALUES (?, ?)", [attacker, ip])

# Find a few rows
db.execute "SELECT id,name,ip FROM attackers"

# List all tables
db.execute  "SELECT * FROM sqlite_master where type='table'"

Active Record

  • Install ActiveRecord gem

    gem install activerecord

MySQL database

  • Install MySQL adapter gem

    gem install mysql

Login to mysql console and create database rubyfu_db and table attackers

create database rubyfu_db;

grant all on rubyfu_db.* to 'root'@'localhost';

create table attackers (
  id int not null auto_increment,
  name varchar(100) not null,
  ip text not null,
  primary key (id)


The outputs look like following

mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 41
Server version: 5.5.44-0ubuntu0.14.04.1 (Ubuntu)

Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create database rubyfu_db;
Query OK, 1 row affected (0.00 sec)

mysql> grant all on rubyfu_db.* to 'root'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> use rubyfu_db;
Database changed
mysql> create table attackers (
    ->   id int not null auto_increment,
    ->   name varchar(100) not null,
    ->   ip text not null,
    ->   primary key (id)
    -> );
Query OK, 0 rows affected (0.01 sec)

mysql> exit

Now, let's to connect to rubyfu_db database

require 'active_record'
:adapter  => "mysql",
:username => "root",
:password => "root",
:host     => "localhost",
:database => "rubyfu_db"

class Attackers < ActiveRecord::Base
  • Using the ActiveRecord library, available as the activerecord gem.

  • Using the ActiveRecord adapter namely mysql

  • Establishing a connection to the database rubyfu_db

  • Creating a class called Attackers following the conventions mentioned above (attacker)

Attackers.create(:name => 'Anonymous',    :ip => "")
Attackers.create(:name => 'LulzSec',      :ip => "")
Attackers.create(:name => 'Lizard Squad', :ip => "")

You will observe that ActiveRecord examines the database tables themselves to find out which columns are available. This is how we were able to use accessor methods for without explicitly defining them: we defined them in the database, and ActiveRecord picked them up.

You can find the item

  • by id

  • by name

    Attackers.find_by(name: "Anonymous")


    #<Attackers:0x000000010a6ad0 id: 1, name: "Anonymous", ip: "">

or you can work it as object

attacker = Attackers.find(3)

If you want to delete an item from the database, you can use the destroy (Deletes the record in the database) method of ActiveRecord::Base:


So to write a complete script,

#!/usr/bin/env ruby
# ActiveRecord with MySQL
require 'active_record'

# Connect to database
                                        :adapter  => "mysql",
                                        :username => "root",
                                        :password => "root",
                                        :host     => "localhost",
                                        :database => "rubyfu_db"

# Create Active Record Model for the table
class Attackers < ActiveRecord::Base

# Create New Entries to the table
Attackers.create(:name => 'Anonymous',    :ip => "")
Attackers.create(:name => 'LulzSec',      :ip => "")
Attackers.create(:name => 'Lizard Squad', :ip => "")

# Interact with table items
attacker = Attackers.find(3)

# Delete a table Item

Oracle database

  • Prerequisites

in order to make ruby-oci8 -which is the main dependency for oracle driver- works you've to do some extra steps:

  • Download links for Linux | Windows | Mac

    • instantclient-basic-[OS].[Arch]-[VERSION].zip

    • instantclient-sqlplus-[OS].[Arch]-[VERSION].zip

    • instantclient-sdk-[OS].[Arch]-[VERSION].zip

  • Unzip downloaded files

unzip -qq
unzip -qq
unzip -qq
  • Create system directories

    as root / sudo

mkdir -p /usr/local/oracle/{network,product/instantclient_64/{bin,lib,jdbc/lib,rdbms/jlib,sqlplus/admin/}}

The file structure should be

├── admin
│   └── network
└── product
    └── instantclient_64
            ├── bin
            ├── jdbc
            │   └── lib
            ├── lib
            ├── rdbms
            │   └── jlib
            └── sqlplus
                └── admin
  • Move files

cd instantclient_12_1

mv ojdbc* /usr/local/oracle/product/instantclient_64/
mv x*.jar /usr/local/oracle/product/instantclient_64/
# rename glogin.sql to login.sql
mv glogin.sql /usr/local/oracle/product/instantclient_64/
mv sdk /usr/local/oracle/product/instantclient_64/
mv *README /usr/local/oracle/product/instantclient_64/
mv * /usr/local/oracle/product/instantclient_64/
# Symlink of instantclient
cd /usr/local/oracle/product/instantclient_64/
ln -s
ln -s ../lib/sdk sdk
cd -
  • Setup environment

Append oracle environment variables in to ~/.bashrc Then add the following:

# Oracle Environment
export ORACLE_BASE=/usr/local/oracle
export ORACLE_HOME=$ORACLE_BASE/product/instantclient_64/
export TNS_ADMIN=$ORACLE_BASE/admin/network
export SQLPATH=$ORACLE_HOME/sqlplus/admin

Then run:

source ~/.bashrc
  • Install Oracle adapter gem

    gem install ruby-oci8 activerecord-oracle_enhanced-adapter

Now let's to connect

require 'active_record'

                      :adapter  => "oracle_enhanced",
                      :database => "",
                      :username => "SYSDBA",
                      :password => "welcome1"

class DBAUsers < ActiveRecord::Base

MSSQL database

  • Install MSSQL adapter gem

gem install tiny_tds activerecord-sqlserver-adapter

Last updated