While the adoption of web applications for conducting online business has enabled companies to connect seamlessly with their customers, it has also exposed a number of security concerns stemming from improper coding. Vulnerabilities in web applications allow hackers to gain direct and public access to sensitive information (e.g. personal data, login credentials).
Web applications allow visitors to submit and retrieve data to/from a database over the Internet. Databases are the heart of most web applications. They hold data needed for web applications to deliver specific content to visitors and provide information to customers, suppliers etc.
SQL Injection is perhaps the most common web-application hacking technique which attempts to pass SQL commands through a web application for execution by the back-end database. The vulnerability is presented when user input is incorrectly sanitized and thereby executed.
Checking for SQL Injection vulnerabilities involves auditing your web applications and the best way to do it is by using automated SQL Injection Scanners. We’ve compiled a list of free SQL Injection Scanners we believe will be of a value to both web application developers and professional security auditors.
SQLIer - SQLIer takes a vulnerable URL and attempts to determine all the necessary information to exploit the SQL Injection vulnerability by itself, requiring no user interaction at all. Get SQLIer.
SQLbftools - SQLbftools is a collection of tools to retrieve MySQL information available using a blind SQL Injection attack. Get SQLbftools.
SQL Injection Brute-forcer - SQLibf is a tool for automatizing the work of detecting and exploiting SQL Injection vulnerabilities. SQLibf can work in Visible and Blind SQL Injection. It works by doing simple logic SQL operations to determine the exposure level of the vulnerable application. Get SQLLibf.
SQLBrute - SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn’t require non-standard libraries. Get SQLBrute.
BobCat - BobCat is a tool to aid an auditor in taking full advantage of SQL injection vulnerabilities. It is based on AppSecInc research. It can list the linked severs, database schema, and allow the retrieval of data from any table that the current application user has access to. Get BobCat.
SQLMap - SQLMap is an automatic blind SQL injection tool, developed in python, capable to perform an active database management system fingerprint, enumerate entire remote databases and much more. The aim of SQLMap is to implement a fully functional database management system tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities. Get SQLMap.
Absinthe - Absinthe is a GUI-based tool that automates the process of downloading the schema and contents of a database that is vulnerable to Blind SQL Injection. Get Absinthe.
SQL Injection Pen-testing Tool - The SQL Injection Tool is a GUI-based utility designed to examine database through vulnerabilities in web-applications. Get SQL Injection Pen-testing tool.
SQID - SQL Injection digger (SQLID) is a command line program that looks for SQL injections and common errors in websites. It can perform the follwing operations: look for SQL injection in a web pages and test submit forms for possible SQL injection vulnerabilities. Get SQID.
Blind SQL Injection Perl Tool - bsqlbf is a Perl script that lets auditors retrieve information from web sites that are vulnerable to SQL Injection. Get Blind SQL Injection Perl Tool.
SQL Power Injection Injector - SQL Power Injection helps the penetration tester to inject SQL commands on a web page. It’s main strength is its capacity to automate tedious blind SQL injection with several threads. Get SQL Power Injection.
FJ-Injector Framwork - FG-Injector is a free open source framework designed to help find SQL injection vulnerabilities in web applications. It includes a proxy feature for intercepting and modifying HTTP requests, and an interface for automating SQL injection exploitation. Get FJ-Injector Framework.
SQLNinja - SQLNinja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end database. Get SQLNinja.
Automagic SQL Injector - The Automagic SQL Injector is an automated SQL injection tool designed to help save time on penetration testing. It is only designed to work with vanilla Microsoft SQL injection holes where errors are returned. Get Automagic SQL Injector.
NGSS SQL Injector - NGSS SQL Injector exploit vulnerabilities in SQL injection on disparate database servers to gain access to stored data. It currently supports the following databases: Access, DB2, Informix, MSSQL, MySQL, Oracle, Sysbase. Get NGSS SQL Injector.
Comments
What’s about http://chorizo-scanner.com/ ?
I also had pretty good luck with the OWASP tool, SQLiX.
uhm, about chorizo-scanner…
well, a *commercial* product by the name of “sausage” with a module called “blood sausage” (both spanish names), doesn’t really sound trustworthy let alone enterprise grade.someone in the commercial department should get fired!
i’ll stick to OSS solutions myself
People still don’t know how to protect against SQL injection attacks yet?
These SQL injection scanners only scan for known vulnerabilities. SQL injection scanners must be able to look for custom vulnerabilities in custom apps too. Thats the hard part and there is no free tool that does that reliably.
Something like Acunetix is required (http://www.acunetix.com)
Protection against sql injection exists. It’s called “code quality”. You can avoid these attacks by implementing controls on input data before converting them into a sql request in web application. Implementing such control increase development time so it doesnt fit with the usual dealine requirement of development. When developers and project managers will understand the underlying problems of code quality, sql injection would not be a big issue.
Nice set of free tools….
One of the best scanners that I found around is Acunetix WVS (www.acunetix.com). It has a nice set of manual tools to check for SQL Injection and a lot of other vulns like XSS, XFS, XPath Injection, GHDB etc..
I found this scanner to have a really good detection rate for most vulnerabilities and it also mentions how to fix and protect agains the vulns..
‘Morcilla’ is the blood sausage. Chorizo is just ‘meat with red pepper spice’. Now, that’s a funny name as “chorizo” also means “crook”.
I have been using N-Stalker Free Edition (www.nstalker.com) and it seems ok to me. Acunetix was taking too long and incorrect results were shown.
O_0. Very necessary information.
Will test my projects
@William Henderson: you are wrong, most of these tools can perform custom tests, and Acunetix is pure shit (easy as 1 2 3) but open the definitions directory, watch the xml files and figure out how to write a 7 line patch for your site to generate 10′000 false positives. Then mindless pentersters will no more able to use Acunetix and will be forced to use for the first time their brains.
no bad….
There is a new tool called ISR-sqlget from [ISR] - Infobyte Security Research - www.infobyte.com.ar
It supports 20 databases, has various evasions features.
Boring wrote: “People still don’t know how to protect against SQL injection attacks yet?”
“People still don’t know how to protect against buffer overflows?” is still around, so I expect SQL injection to be on the plate for a long, long time.
Post a Comment
Contact
Have a hot hack? want to request a hack? let us know - editor [at] security-hacks.com
subscribe
Search
Latest Entries
- msramdmp: Dump RAM from a USB stick
- SWFIntruder: Are your Flash applications secure?
- Untidy: Python-based XML fuzzer
- Jailbreaking iPhone software v1.1.1
- Secure browsing with Squid and SSH
- Combat spam with Gmail aliases
- 5 Essential laptop security tips
- Email encryption with GPG and Mail.app
- Firefox: Disable suspicious JavaScript features
- aSSL: Add SSL to your Ajax application
Archives
