It's not going to find everything, and it's definitely not a fully-automated tool, but I find the SQLInjectMe plugin for Firefox to be a very useful tool for SQL injection testing. For more automated scanning, you might try Wikto (http://www.sensepost.com/research/wikto/), although I don't know much about it... Joe wrote: > Hey all, > > Can anyone (Lisa, I'm looking in your direction) recommend a decent SQL > injection scanner? I don't really care if it's server-side or > client-side since it's my server, and I don't need to *exploit* the > injection points, I just need an easy way to find them. I'd like it to > be easy to figure out, generate output or reports that are easy to > follow and not require too much to be installed on the server. > > The reason I'm looking for something is that the server on which my > company hosts its websites has been compromised and I've been putting in > some considerable hours trying to fix things. I've removed malicious > scripts, fixed or removed the exploited code and changed all of our > passwords (from ssh to mysql to user accounts). > > Today, I happened to catch a SQL injection scan and now I'm trying to > look down that path some more. Basically, they used one of our (many) > poorly escaped queries to poll password data for our site login (among > other things). Luckily, I shut the scan down before they got the > passwords so I didn't have to have users reset them *again*. > > I've cleaned up a bunch of the sql code over the past could days, but > I'm wondering if there's a way for me to scan for injections myself and > attack code that is "more vulnerable" than others. I found sqlsus > (http://sqlsus.sourceforge.net/), which looked pretty impressive, but it > didn't run properly and it wasn't really a scanning tool so much as it > was an exploiting tool. I also found Pixy > (http://pixybox.seclab.tuwien.ac.at/pixy/), which looked pretty > comprehensive, but the output looked a little intimidating. Plus, the > little I read of the docs wasn't really clear about how to actually use it. > > Anything else anyone would recommend? > > -Joe > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >