Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to confirm SQL injection

Is there any way to confirm that a particular breach of security was done through SQL injection?

like image 683
Sachindra Avatar asked Nov 30 '09 10:11

Sachindra


People also ask

How are SQL injections detected?

Detection methods range from checking server logs to monitoring database errors. Most network intrusion detection systems (IDS) and network perimeter firewalls are not configured to review HTTP traffic for malicious SQL fragments, making it possible for an attacker to bypass network security boundaries.

Where can I find SQL injection?

The most common other locations where SQL injection arises are: In UPDATE statements, within the updated values or the WHERE clause. In INSERT statements, within the inserted values. In SELECT statements, within the table or column name.

Can SQL injection be traced?

Can SQL Injection be traced? Most SQL Injection Vulnerabilities and attacks can be reliably and swiftly traced through a number of credible SQL Injection tools or some web vulnerability scanner. SQL Injection detection is not such a trying task, but most developers make errors.

Which application can be used to detect SQL injections?

SQLMap is the open source SQL injection tool and most popular among all SQL injection tools available. This tool makes it easy to exploit the SQL injection vulnerability of a web application and take over the database server.


2 Answers

There is no easy way here, but if you have the enabled the SQL server you use to log every single sql statement, here is what I would do.

Normally, when I SQL inject somewhere, i use one of these as my always true statement for passing throgh the Where clause, after ending the former string.

1=1 
0=0

both being used as :

blahblahblah' or 1=1 --

You would not use this clauses in everyday code. So if you spot one of these in your history, well, it is a high candidate. Test the sql history to find :

(space)(number)(optional spaces)(equal)(optional spaces)(same number)(space)

Keep in mind that is heuristical, and will not always work, but could be the only way to give a hint after it had happened . Also, if you are in doubt about SQL injection, you should check the code for string concatenation and use of parameters.

like image 81
kurast Avatar answered Sep 24 '22 13:09

kurast


after the attack has already happened? no. there isn't. you'll have to check all your sql serevr access point for potential risk. tere are some tools you can use. Check here under SQL Injection tools section.

like image 44
Mladen Prajdic Avatar answered Sep 21 '22 13:09

Mladen Prajdic