oss-sec mailing list archives
SQL_injection detection tool released
From: MARE system Security <security () mare-system de>
Date: Mon, 02 Jun 2008 14:17:25 +0200
We just released a tool to check for (well known) sql_injections on a file-basis. Due to the mass-hacks during the last months we just wanted to know if probably our webservers got hacked through sql_injections (although reports mostly speak about MSSQL/ASP), so this check is based upon a regex for /[a-zA-Z0-9].js but might be extended via word-lists.

freshmeat: http://freshmeat.net/projects/check_websites/
sourceforge: http://sourceforge.net/project/showfiles.php?group_id=193013&package_id=278354

We'd like to discuss file-based scanning vs remote-scanning via htdig or other web-crawlers, since we do that too with our websites.

from the README:

check_websites is a program to basically check a webserver_document_root, webserver_logfiles and sql_dumps against possible hackings. so it does not prevent you from creating safe code (see links), but if you are an administrator of a web/applicationserver you might want to know if some of your customers have already_hacked applications running, spreading viruses and exploits all over the planet. this suite will not protect your webserver but you might be able to check if you already have been attacked and hacked.
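The file-based check described in the post, sketched as an added example that is not part of the original message and not code from check_websites. It applies the post's `/[a-zA-Z0-9].js` pattern to script tags in dump or document-root content; the script-tag context, the trusted-host allowlist, the function names and the sample data are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# The post's pattern /[a-zA-Z0-9].js (dot escaped here), tied to a script tag's
# src attribute. The tag context and the optional backslash for quotes escaped
# in SQL dumps are assumptions of this example.
SCRIPT_SRC = re.compile(
    r'''<script[^>]*?\bsrc\s*=\s*\\?["']?([^"'\s>\\]*/[a-zA-Z0-9]\.js)(?=[\\"'\s>?#]|$)''',
    re.IGNORECASE,
)

def scan_text(name, text, trusted_hosts=frozenset()):
    """Return (name, line_no, url) for each script tag that loads a
    single-character .js file from a host outside trusted_hosts."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        for match in SCRIPT_SRC.finditer(line):
            url = match.group(1)
            host = urlparse(url).hostname  # None for site-relative paths
            if host is None or host in trusted_hosts:
                continue  # own scripts are not reported
            findings.append((name, line_no, url))
    return findings

# Constructed sample input: an SQL dump and an HTML file, made up for this example.
SAMPLE_DUMP = r'''INSERT INTO news VALUES (1,'Opening hours');
INSERT INTO news VALUES (2,'Sale<script src=http://injected.example/b.js></script>');
INSERT INTO news VALUES (3,'Hi<script src=\"http://injected.example/1.js\"></script>');
'''
SAMPLE_HTML = '''<script src="/js/jquery.js"></script>
<script src="http://www.example.org/a.js"></script>
<script type="text/javascript" src="//injected.example/x.js?v=2"></script>
'''

def scan_samples():
    trusted = {"www.example.org"}  # hypothetical own hostname
    return (scan_text("dump.sql", SAMPLE_DUMP, trusted)
            + scan_text("index.html", SAMPLE_HTML, trusted))

if __name__ == "__main__":
    for name, line_no, url in scan_samples():
        print(f"{name}:{line_no}: external script {url}")
```

Without the allowlist, the site's own single-letter script on `www.example.org` would be reported as well, which is the main source of false positives for a pattern this short.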