errorbased SQL Injection being scanned against HTTP GET parameters.
SQL injection continues to be a favourite target of attackers. In the news we see regular reports of data dumps containing credit card information, usernames, passwords and other information; more often than not these dumps are the result of SQL injection attacks. The majority of successful attacks are not made public and often not detected.
Successful attacks can not only provide an attacker access to back-end database systems but even operating system access in the most damaging attacks.
- Easily Test a URL for parameters that are vulnerable to SQL Injection.
- Identify poorly coded web applications that do not sanitise input and are vulnerable to SQL Injection.
- Test the effectiveness of a web application firewall or Intrusion Detection System (IDS / IPS).
Why use this SQL Injection Test?
The benefits of this test are that you have easy access to a fast and comprehensive SQL injection against a single URL. This scan does not scour your website and find every possible injection point; however by having such as quick and accurate test on hand. You are able to easily select a handful of HTTP GET based url’s from your target web site and test them immediately.
If you find that the HTTP GET based url’s are vulnerable to SQL injection, there is a good chance that other parts of the site are also vulnerable; and you are in need of a comprehensive web application assessment to ensure your website is safe from this damaging attack.
How do I perform a SQL injection test?
1. Enter the URL you wish to target. Note that this test only examines HTTP GET based parameters; so the URL should contain those parameters following the web domain. See example below:
This example url will have the two parameter’s id and page tested for sql injection.
2. Enter the email address for delivery of the results.
3. Hit the start button to have the tests performed on the system.
Technical Details of the scanner
The scan uses sqlmap to test for HTTP GET parameters of a url. The scan type is default, with only the database version being extracted in the event of a successful injection point is found.
About the SQLmap project
SQL Injection is a common attack vector in dynamic web applications. It allows an attacker to gain access to the database or database functions through poor coding methodology. We have documented an introduction to sql injection or alternatively a good SQL injection reference is over at the owasp site.
The SQLmap tool is a powerful automated sql injection testing tool. In recent reviews of web application assessment tools sqlmap has consistently scored highly in accuracy of the detection capability.
Recently there have been a number of high profile attacks that have been exploited by SQL Injection, these have resulted in the loss of millions of customer records and hundreds of thousands of login / password combinations.