Nmap Development mailing list archives

Re: [NSE] sql-injection.nse AKA http-sql-injection.nse


From: Peter O <perdo.olma () gmail com>
Date: Sat, 30 Jun 2012 14:34:49 +0200

On Sat, Jun 23, 2012 at 8:09 PM, Paulino Calderon
<paulino () calderonpale com> wrote:
On 23/06/2012 08:59 a.m., Peter O wrote:

Hi all,

I've just renamed sql-injection script to http-sql-injection.
I've also added forms handling capability to the script and obviously,
the output structure had to be modified as well.
I'm attaching the script and you can also see it in the repo. Any
comments and suggestions are of course welcomed!


- Peter


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Hi,
Great job. This is one of the scripts I feel is invaluable for web scanning.
I tested the script but I feel like there aren't enough error signatures
hence the detection is VERY limited and not effective in real world
scenarios. Can we update/add more error strings to improve detection? It
would be great if we can pass a list of error strings (and payloads too for
that matter) or file containing them via an argument, then we can specify
certain errors depending on the DBMS we are working on. And certainly the
error strings could be used to also determine the DBMS (in case we didn't
set the argument for specific payloads).

One project that could be very useful is fuzzdb
(http://code.google.com/p/fuzzdb/), look for the error strings inside the
grep folder. Maybe we can add them to this script (and credit the authors)

Cheers.

--
Paulino Calderón Pale

Hi Paulino,

I'm sorry that it took so long, but I added the list of error strings
from the project you mentioned and modified the script to use them.
I'm planning to do the same thing with payloads.


- Peter
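The mechanism the thread is circling around (a DBMS error-signature list, loadable from a user-supplied file, whose matching entry also tells you which backend database is in play) can be shown in a few dozen lines. The block below is an added example written for this archive page; it is not the http-sql-injection script, not NSE/Lua, and not code from fuzzdb. The "dbms<TAB>regex" file format, the `load_signatures`, `classify` and `scan_responses` names, the signature table and the sample HTTP response bodies are all constructed for the example; the regexes are well-known database error fragments written from memory. From a defender's side the same routine is useful for sweeping your own application's responses (for instance a proxy log) to find pages that leak database errors, which is exactly the signal the script keys on.

```python
"""Added example: DBMS error-signature matching with a per-DBMS filter.

Everything here (file format, signature list, sample responses) is
constructed for illustration; it is not the Nmap script's own code.
"""
import re
from typing import Dict, List, Optional, Tuple

# Constructed signature list in a hypothetical "dbms<TAB>regex" format,
# the kind of file a script argument could point at. Lines starting with
# '#' are comments. Regexes are well-known error fragments, not fuzzdb's.
DEFAULT_SIGNATURES = """\
# dbms\tregex (matched case-insensitively)
mysql\tYou have an error in your SQL syntax
mysql\tWarning: mysql_(?:fetch_array|num_rows|query)\\(\\)
mssql\tUnclosed quotation mark after the character string
mssql\tMicrosoft OLE DB Provider for SQL Server
oracle\tORA-\\d{5}
postgresql\tPG::SyntaxError
postgresql\tpg_query\\(\\).*ERROR
sqlite\tSQLITE_ERROR
"""

Signature = Tuple[str, "re.Pattern[str]"]


def load_signatures(text: str) -> List[Signature]:
    """Parse 'dbms<TAB>regex' lines into (dbms, compiled regex) pairs."""
    sigs: List[Signature] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if "\t" not in line:
            raise ValueError(f"line {lineno}: expected 'dbms<TAB>regex'")
        dbms, pattern = line.split("\t", 1)
        sigs.append((dbms.strip().lower(),
                     re.compile(pattern.strip(), re.IGNORECASE)))
    return sigs


def classify(body: str, sigs: List[Signature],
             only_dbms: Optional[str] = None) -> Dict[str, List[str]]:
    """Return {dbms: [matched fragments]} for every signature found in body.

    only_dbms restricts matching to one backend, mirroring the idea of
    passing a DBMS-specific list via an argument; leaving it None lets
    the matched signature reveal which DBMS produced the error.
    """
    hits: Dict[str, List[str]] = {}
    for dbms, rx in sigs:
        if only_dbms and dbms != only_dbms.lower():
            continue
        m = rx.search(body)
        if m:
            hits.setdefault(dbms, []).append(m.group(0))
    return hits


def scan_responses(responses: List[Tuple[str, str]],
                   sigs: List[Signature]) -> List[Tuple[str, str]]:
    """Report (request label, dbms) for every response leaking a DB error."""
    findings: List[Tuple[str, str]] = []
    for label, body in responses:
        for dbms in classify(body, sigs):
            findings.append((label, dbms))
    return findings


# Constructed sample responses, as they might appear in a proxy log.
SAMPLE_RESPONSES = [
    ("GET /item.php?id=1", "<html><body>Widget: blue</body></html>"),
    ("GET /item.php?id=1'",
     "Warning: mysql_fetch_array() expects parameter 1 to be resource\n"
     "You have an error in your SQL syntax; check the manual"),
    ("POST /login (form)",
     "Error: ORA-01756: quoted string not properly terminated"),
    ("GET /search?q=x'",
     "Unclosed quotation mark after the character string 'x'."),
    ("GET /health", "ok"),
]

if __name__ == "__main__":
    signatures = load_signatures(DEFAULT_SIGNATURES)
    for label, dbms in scan_responses(SAMPLE_RESPONSES, signatures):
        print(f"{label}: leaks {dbms} error text")
```

Run stand-alone, the script lists the three constructed responses that expose an error fragment together with the backend each one points at; the clean responses produce nothing. Swapping `DEFAULT_SIGNATURES` for the contents of a file is the whole "pass a list via an argument" idea from the thread.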

