From: Basha, Arif (abasha apa.org)
Date: Wed Sep 03 2008 - 12:40:22 CDT
What tool did you use for SQL Injection vulnerability scanning?
I am looking for one or more tools for this purpose. Maybe others can
respond with any suggestions/comments.
Thanks.
-----Original Message-----
From: listbounce securityfocus.com [mailto:listbounce securityfocus.com] On Behalf Of Serg B
Sent: Tuesday, September 02, 2008 8:51 PM
To: GT GERONIMO, Frederick Joseph B.
Cc: pen-test securityfocus.com
Subject: Re: Checking for SQL Injection
On a side note - you may want to suggest to the client (I hope it's a
client) to disable Apache product tokens, and PHP reveal self
directives. Headers appear to give away lots of potentially sensitive
information.
On Mon, Sep 1, 2008 at 6:35 PM, GT GERONIMO, Frederick Joseph B.
<fbgeronimo globetel.com.ph> wrote:
> Hello,
>
> I ran a tool to verify if a website had SQL Injection. The tool detected
> Blind SQL Injection vulnerability. I have pasted the request and
> response below.
>
> Would you say that the tool's evaluation is accurate?
>
> Is there anything that the web application can be doing to make this a
> false-positive?
>
> Thanks.
>
>
> HTTP REQUEST
> ============
>
> GET /prototype03/vulnerable.php?vid=zJrt&act=viewed&page=0.01 HTTP/1.0
> Accept: */*
> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
> Host: www.victim.com
> Authorization: Basic dTI0Y29tcGg6PCEzIzw3PjlBQnVu
> Cookie: PHPSESSID=b4499547c0c4f399ba649181d5e67f5c;vid11=6512bd43d9caa6e02c990b0a82652dca;vid2=c81e728d9d4c2f636f067f89cc14862c;vid4=a87ff679a2f3e71d9181a67b7542122c;vid8=c9f0f895fb98ab9159f51fd0297e236d;vid9=45c48cce2e2d7fbdea1afc51c7c6ad26;vid7=8f14e45fceea167a5a36dedd4bea2543
> Connection: Close
> Pragma: no-cache
>
>
> HTTP RESPONSE
> =============
>
> HTTP/1.1 200 OK
> Date: Fri, 29 Aug 2008 10:00:08 GMT
> Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.6
> X-Powered-By: PHP/5.2.6
> Expires: Thu, 19 Nov 1981 08:52:00 GMT
> Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
> Pragma: no-cache
> Connection: close
> Content-Type: text/html
>
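An added example, not part of the original thread: a small Python audit of the response headers quoted above, listing the product/version tokens each one discloses and the setting that controls it. The function names are hypothetical; `ServerTokens`, `ServerSignature` and `expose_php` are the Apache and PHP directives that govern these headers.

```python
import re

# Headers taken from the response quoted in the thread (some omitted);
# the long Server line is folded here with leading whitespace.
SAMPLE_RESPONSE = """\
HTTP/1.1 200 OK
Date: Fri, 29 Aug 2008 10:00:08 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b
 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
 PHP/5.2.6
X-Powered-By: PHP/5.2.6
Content-Type: text/html
"""

# Matches product/version tokens such as "Apache/2.2.9" or "mod_ssl/2.2.9".
TOKEN_RE = re.compile(r"([A-Za-z][\w.-]*)/(\d[\w.]*)")

# Disclosing header -> the setting that suppresses the version detail.
FIXES = {
    "server": "httpd.conf: ServerTokens Prod (plus ServerSignature Off for error pages)",
    "x-powered-by": "php.ini: expose_php = Off",
}

def parse_headers(raw):
    """Return {lowercased-name: value}, unfolding continuation lines."""
    headers, last = {}, None
    for line in raw.splitlines()[1:]:        # skip the status line
        if not line.strip():                 # blank line ends the header block
            break
        if line[0] in " \t" and last:        # folded continuation of previous header
            headers[last] += " " + line.strip()
        elif ":" in line:
            name, value = line.split(":", 1)
            last = name.strip().lower()
            headers[last] = value.strip()
    return headers

def audit(raw):
    """List headers that leak product/version tokens, with the matching fix."""
    findings = []
    for name, value in parse_headers(raw).items():
        tokens = TOKEN_RE.findall(value)
        if name in FIXES and tokens:
            findings.append({"header": name, "disclosed": tokens, "fix": FIXES[name]})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_RESPONSE):
        leaked = ", ".join("/".join(t) for t in f["disclosed"])
        print(f"{f['header']}: {leaked}\n  -> {f['fix']}")
```

With `ServerTokens Prod` the server still sends `Server: Apache`, which carries no version token and produces no finding here.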