Re: Mysql Injection Scanner

Top Page
Attachments:
Message as email
+ (text/plain)
+ signature.asc (application/pgp-signature)
+ (text/plain)
Delete this message
Reply to this message
Author: Joseph Sinclair
Date:  
To: Main PLUG discussion list
Subject: Re: Mysql Injection Scanner
It's not going to find everything, and it's definitely not a fully-automated tool, but I find the SQLInjectMe plugin for Firefox to be a very useful tool for SQL injection testing.

For more automated scanning, you might try Wikto (http://www.sensepost.com/research/wikto/), although I don't know much about it...

Joe wrote:
> Hey all,
>
> Can anyone (Lisa, I'm looking in your direction) recommend a decent SQL
> injection scanner? I don't really care if it's server-side or
> client-side since it's my server, and I don't need to *exploit* the
> injection points, I just need an easy way to find them. I'd like it to
> be easy to figure out, generate output or reports that are easy to
> follow and not require too much to be installed on the server.
>
> The reason I'm looking for something is that the server on which my
> company hosts its websites has been compromised and I've been putting in
> some considerable hours trying to fix things. I've removed malicious
> scripts, fixed or removed the exploited code and changed all of our
> passwords (from ssh to mysql to user accounts).
>
> Today, I happened to catch a SQL injection scan and now I'm trying to
> look down that path some more. Basically, they used one of our (many)
> poorly escaped queries to poll password data for our site login (among
> other things). Luckily, I shut the scan down before they got the
> passwords so I didn't have to have users reset them *again*.
>
> I've cleaned up a bunch of the sql code over the past could days, but
> I'm wondering if there's a way for me to scan for injections myself and
> attack code that is "more vulnerable" than others. I found sqlsus
> (http://sqlsus.sourceforge.net/), which looked pretty impressive, but it
> didn't run properly and it wasn't really a scanning tool so much as it
> was an exploiting tool. I also found Pixy
> (http://pixybox.seclab.tuwien.ac.at/pixy/), which looked pretty
> comprehensive, but the output looked a little intimidating. Plus, the
> little I read of the docs wasn't really clear about how to actually use it.
>
> Anything else anyone would recommend?
>
> -Joe
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>


---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss