Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to find sql injection vulnerabilities?

Tags:

security

php

sql-injection

Is there a way to find SQL injection vulnerabilities?

Note: I am asking how to find them on a server you are in control of so you can fix them. I am not asking about how to detect them on someone else's server to exploit them.

Is there a way to find every occurance of mysql_query() without opening every page and doing a ctrl+f?

like image 503
JD Isaacks Avatar asked Sep 03 '10 13:09

JD Isaacks

People also ask

What are the methods used to detect SQL injection vulnerabilities?

Many researchers have been studying a number of methods to detect and prevent SQL injection attacks, and the most preferred techniques are web framework, static analysis, dynamic analysis, combined static and dynamic analysis, and machine learning techniques.

Can SQL injection be traced?

Can SQL Injection be traced? Most SQL Injection Vulnerabilities and attacks can be reliably and swiftly traced through a number of credible SQL Injection tools or some web vulnerability scanner. SQL Injection detection is not such a trying task, but most developers make errors.

What vulnerability does SQL injection exploit?

SQL injection (SQLi) is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve.

What field is vulnerable to SQL injection?

The artist parameter is vulnerable to SQL Injection. The following payload modifies the query to look for an inexistent record. It sets the value in the URL query string to -1 . Of course, it could be any other value that does not exist in the database.

1 Answers

Using linux, you can use the grep utility.

find /dir/containing/files -type f -name '*.php'|xargs grep --color=auto "mysql_query"
  • /dir/containing/files: The directory containing your PHP files, for example, /home/user/domains/example.com/public_html
  • -type f: search for files only (not directories)
  • -name '*.php' match files ending with .php only. If you'ld like to match other files too, like .inc use this instead: -name '*.php' -o -name '*.inc' (matches *.php OR *.inc)
  • |xargs grep use the contents of the found files for searching
  • --color=auto highlights the found part
  • "mysql_query" your search terms
like image 61
Lekensteyn Avatar answered Sep 28 '22 18:09

Lekensteyn
Sign in to Comment

Related questions

Filter collection by attribute Set
How could I stop PHP from returning headers when executed from commandline?
Adding database results to array
Read a text file and transfer contents to mysql database
Should you do validation checks that go outside the possiblility of normal user activity?
How to use ternary operator instead of if-else in PHP
PHP open_basedir - to return value?
Unit Testing-- fundamental goal?
Create a new instance in a static function of an abstract class
JSON Search and remove in php?
Change XML node element value in PHP and save file
How to append to all urls in a string?
Give border to image created in PHP
How do I create a database if it doesn't exist, using PHP?
how to send image in newsletter?
How to Read RS232 Serial Port in PHP like this QBasic Program
PHP: How to calculate person's age in months+days?
How to run a function within an echo call
Capistrano uploads the .git directory
Why isn't apply_filter('the_content') outputting anything?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!