Mysql Injection Scanner
Joseph Sinclair
plug-discussion at stcaz.net
Tue Dec 1 20:53:59 MST 2009
It's not going to find everything, and it's definitely not a fully-automated tool, but I find the SQLInjectMe plugin for Firefox to be a very useful tool for SQL injection testing.
For more automated scanning, you might try Wikto (http://www.sensepost.com/research/wikto/), although I don't know much about it...
Joe wrote:
> Hey all,
>
> Can anyone (Lisa, I'm looking in your direction) recommend a decent SQL
> injection scanner? I don't really care if it's server-side or
> client-side since it's my server, and I don't need to *exploit* the
> injection points, I just need an easy way to find them. I'd like it to
> be easy to figure out, generate output or reports that are easy to
> follow and not require too much to be installed on the server.
>
> The reason I'm looking for something is that the server on which my
> company hosts its websites has been compromised and I've been putting in
> some considerable hours trying to fix things. I've removed malicious
> scripts, fixed or removed the exploited code and changed all of our
> passwords (from ssh to mysql to user accounts).
>
> Today, I happened to catch a SQL injection scan and now I'm trying to
> look down that path some more. Basically, they used one of our (many)
> poorly escaped queries to poll password data for our site login (among
> other things). Luckily, I shut the scan down before they got the
> passwords so I didn't have to have users reset them *again*.
>
> I've cleaned up a bunch of the sql code over the past could days, but
> I'm wondering if there's a way for me to scan for injections myself and
> attack code that is "more vulnerable" than others. I found sqlsus
> (http://sqlsus.sourceforge.net/), which looked pretty impressive, but it
> didn't run properly and it wasn't really a scanning tool so much as it
> was an exploiting tool. I also found Pixy
> (http://pixybox.seclab.tuwien.ac.at/pixy/), which looked pretty
> comprehensive, but the output looked a little intimidating. Plus, the
> little I read of the docs wasn't really clear about how to actually use it.
>
> Anything else anyone would recommend?
>
> -Joe
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20091201/76eb41a4/attachment.pgp
More information about the PLUG-discuss
mailing list