Re: Checking for SQL Injection

["Serg B" <sergeslists () gmail com>]

On a side note - you may want to suggest to the client (I hope it's a
client) to disable Apache product tokens, and PHP reveal self
directives.  Headers appear to give away lots of potentially sensetive
information.

On Mon, Sep 1, 2008 at 6:35 PM, GT GERONIMO, Frederick Joseph B.
<fbgeronimo () globetel com ph> wrote:
> Hello,
>
> I ran a tool to verify if a website had SQL Injection. The tool detected
> Blind SQL Injection vulnerability. I have pasted the request and
> response below.
>
> Would you say that the tool's evaluation is accurate?
>
> Is there anything that the web application can be doing to make this a
> false-positive?
>
> Thanks.
>
>
> HTTP REQUEST
> ============
>
> GET /prototype03/vulnerable.php?vid=zJrt&act=viewed&page=0.01 HTTP/1.0
> Accept: */*
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR
> 1.1.4322)
> Host: www.victim.com
> Authorization: Basic dTI0Y29tcGg6PCEzIzw3PjlBQnVu
> Cookie:
> PHPSESSID=b4499547c0c4f399ba649181d5e67f5c;vid11=6512bd43d9caa6e02c990b0
> a82652dca;vid2=c81e728d9d4c2f636f067f89cc14862c;vid4=a87ff679a2f3e71d918
> 1a67b7542122c;vid8=c9f0f895fb98ab9159f51fd0297e236d;vid9=45c48cce2e2d7fb
> dea1afc51c7c6ad26;vid7=8f14e45fceea167a5a36dedd4bea2543
> Connection: Close
> Pragma: no-cache
>
>
> HTTP RESPONSE
> =============
>
> HTTP/1.1 200 OK
> Date: Fri, 29 Aug 2008 10:00:08 GMT
> Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b
> mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
> PHP/5.2.6
> X-Powered-By: PHP/5.2.6
> Expires: Thu, 19 Nov 1981 08:52:00 GMT
> Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
> pre-check=0
> Pragma: no-cache
> Connection: close
> Content-Type: text/html
>
> This e-mail message (including attachments, if any) is intended for the use of the individual or the entity to whom 
> it is addressed and may contain information that is privileged, proprietary, confidential and exempt from disclosure. 
> If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this 
> communication is strictly prohibited. If you have received this communication in error, please notify the sender and 
> delete this E-mail message immediately.
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes in
> Securing Web Applications
> Get 45 Min Video and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------