WebApp Sec mailing list archives
Re: SQL Injection and XSS testing,
From: Josh Zlatin-Amishav <josh () ramat cc>
Date: Sun, 25 Feb 2007 13:47:30 +0200 (IST)
On Sat, 24 Feb 2007, IRM wrote:
Dear all, Excuse me for this basic question. Just wondering in regards to the SQL injection, is it sufficient to insert the input with "1=1--" to test whether a site is vulnerable to the SQL injection? How much level of assurance can we get by testing the SQL injection limited to "1=1--"?
The short answer is no. For instance, you may have an app that does not return an error message but is exploitable to blind SQL injection.
If I am not wrong I guess most of the security aspects in Web application are mainly around input validation. So I was wondering is there any free open source software to automate all the input?
You are likely to miss vulnerabilities if you solely rely on automated scanners. There are lots of tools out there to help automate some of the work. When testing for Web App vulnerabilities you will need a good web proxy. Take a look at Paros, which might help you automate some of the input validation testing too. Or maybe
a list of stuff that usually need to test? Say SQL Injection or XSS? Is there a list of parameters kind of cheat sheet?
There are lots of lists out there. You may want to take a look at: http://ha.ckers.org/xss.html http://ha.ckers.org/sqlinjection/ -- - Josh ------------------------------------------------------------------------- Sponsored by: WatchfireSecuring a web application goes far beyond testing the application using manual processes, or by using automated systems and tools. Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download it today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fH6 --------------------------------------------------------------------------
Current thread:
- SQL Injection and XSS testing, IRM (Feb 24)
- RE: SQL Injection and XSS testing, WebAppSec (Feb 25)
- Re: SQL Injection and XSS testing, Josh Zlatin-Amishav (Feb 25)
- Re: SQL Injection and XSS testing, Jason Ross (Feb 25)
- Re: SQL Injection and XSS testing, Matteo Meucci (Feb 25)
- Re: SQL Injection and XSS testing, crazy frog crazy frog (Feb 25)
- RE: SQL Injection and XSS testing, James Ash (Feb 25)
- <Possible follow-ups>
- Re: SQL Injection and XSS testing, eugk . 46247649 (Feb 25)
- Re: SQL Injection and XSS testing, Henry Troup (Feb 25)