Nmap Development mailing list archives

Re: [NSE] sql-injection.nse AKA http-sql-injection.nse


From: Paulino Calderon <paulino () calderonpale com>
Date: Sat, 23 Jun 2012 13:09:50 -0500

On 23/06/2012 08:59 a.m., Peter O wrote:
> Hi all,
>
> I've just renamed the sql-injection script to http-sql-injection.
> I've also added forms handling capability to the script and obviously,
> the output structure had to be modified as well.
> I'm attaching the script and you can also see it in the repo. Any
> comments and suggestions are of course welcomed!
>
>
> - Peter
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
Hi,
Great job. This is one of the scripts I feel is invaluable for web scanning. I tested the script but I feel like there aren't enough error signatures, hence the detection is VERY limited and not effective in real world scenarios. Can we update/add more error strings to improve detection? It would be great if we can pass a list of error strings (and payloads too, for that matter) or a file containing them via an argument, then we can specify certain errors depending on the DBMS we are working on. And certainly the error strings could also be used to determine the DBMS (in case we didn't set the argument for specific payloads).

One project that could be very useful is fuzzdb (http://code.google.com/p/fuzzdb/), look for the error strings inside the grep folder. Maybe we can add them to this script (and credit the authors).

Cheers.

--
Paulino Calderón Pale
Website: http://calderonpale.com
Twitter: http://twitter.com/calderpwn
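
The suggestion in the message above (error strings supplied from a list or file, selectable per DBMS, and reused to guess the DBMS), sketched in plain Lua as an added example; it is not code from http-sql-injection.nse or from this thread. The tab-separated list format, the function names and all sample data are assumptions constructed for illustration.

```lua
-- Added example: plain Lua, no NSE libraries. Assumed list format (hypothetical):
-- one "dbms<TAB>error substring" per line, '#' starts a comment line.
local SAMPLE_SIGNATURES = table.concat({   -- constructed sample, not fuzzdb's list
  "# dbms\tsubstring of the database error message",
  "mysql\tYou have an error in your SQL syntax",
  "mysql\tWarning: mysql_fetch_array()",
  "mssql\tUnclosed quotation mark after the character string",
  "oracle\tORA-00933",
  "postgresql\tunterminated quoted string at or near",
}, "\n")

-- Parse the list; only_dbms (optional) keeps signatures for a single DBMS.
local function parse_signatures(text, only_dbms)
  local sigs = {}
  for line in text:gmatch("[^\r\n]+") do
    local dbms, needle = line:match("^([^#%s]%S*)\t(.-)%s*$")
    if dbms and needle ~= "" and (not only_dbms or dbms == only_dbms) then
      sigs[#sigs + 1] = { dbms = dbms, needle = needle:lower() }
    end
  end
  return sigs
end

-- Case-insensitive plain-substring search (no Lua pattern metacharacters, so
-- "mysql_fetch_array()" is safe). Returns the hits and the DBMS with most hits.
local function match_errors(body, sigs)
  local lowered, hits, counts = body:lower(), {}, {}
  for _, sig in ipairs(sigs) do
    if lowered:find(sig.needle, 1, true) then
      hits[#hits + 1] = sig
      counts[sig.dbms] = (counts[sig.dbms] or 0) + 1
    end
  end
  local best, best_n = nil, 0
  for dbms, n in pairs(counts) do
    -- ties are broken alphabetically so the result is deterministic
    if n > best_n or (n == best_n and dbms < best) then best, best_n = dbms, n end
  end
  return hits, best
end

-- Constructed response bodies: one leaking a MySQL error, one clean page.
local sigs = parse_signatures(SAMPLE_SIGNATURES)
local leaky = "<b>Warning: mysql_fetch_array()</b> ... You have an error in your SQL syntax near ''' at line 1"
local clean = "<html><body>No results found.</body></html>"
for name, body in pairs({ leaky = leaky, clean = clean }) do
  local hits, dbms = match_errors(body, sigs)
  print(name, #hits, dbms or "no SQL error signature matched")
end
```

Passing a second argument, as in `parse_signatures(SAMPLE_SIGNATURES, "mssql")`, restricts matching to the signatures of one DBMS.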
