0

At present I am doing a project regarding SQL injection. I am doing it in such a way that it will find the SQL injection independent of the server-side scripting, whether it may be JSP or ASP or PHP. Now the major problem is I have to extract the SQL query from the web page. That is, when I press the submit button, for instance, the request from the web server to the database will be sent in the form of an SQL statement. So my problem is to capture that SQL statement.

Any suggestions of how to do it?

Thanks in advance

OMG Ponies
DG.

3 Answers

1

You can't capture a server-based SQL script, and any website that generates the SQL in JavaScript is just asking you to break their site.

cjk
1

You can put a proxy between your web application and the RDBMS. Some systems (MySQL for example) come with such a proxy.

troelskn
0

Some RDBMSs have a feature for recording executed SQL queries (SQL Server has the SQL Server Profiler, for example). If your RDBMS does not have this feature, you can catch the SQL queries with a proxy in the network (web application ----> your proxy ----> RDBMS).

You should pair the input values and recorded queries.

The problem with searching the SQL queries in code is very complex and I think impossible. The SQL query must not be in plain text form or can be created dynamically.

For example:

// this will produce SQL query
from p in db.Products where p.Size > 1000 && p.Count < 5 order by p.Name select p;

// this will not produce any SQL query
from c in ColumnsOf( db.Products ) where c.Contains( "Name" ) select c.Type;

// this will produce SQL query
var tmp = "SELECT ";
for(int i = 0; i < columns.Length; i++ ) {
    if ( i > 0 ) { tmp += ", "; }
    tmp += columns[i].Name;
}
tmp += " FROM " + someTextVariable;
marc_s
TcKs
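The pairing of input values with recorded queries suggested in the last answer, as an added example (not code from any of the posts). It assumes the proxy or profiler output has already been reduced to (submitted value, SQL text) pairs; `classify`, `inside_literal`, `flagged` and the sample pairs are constructed for illustration.

```python
import re

# Small SQL lexer: quoted strings ('' is an escaped quote), numbers, words,
# then any other single non-space character.
TOKEN = re.compile(
    r"(?P<str>'(?:[^']|'')*')|(?P<num>\d+(?:\.\d+)?)|(?P<word>\w+)|(?P<op>\S)")

def inside_literal(tok, start, end):
    """True if query[start:end] sits wholly inside one string/number literal."""
    kind, t0, t1 = tok
    if kind == "str":
        return t0 < start and end < t1      # strictly between the quotes
    return kind == "num" and t0 <= start and end <= t1

def classify(value, query):
    """'literal': value stayed data; 'structure': value spilled into SQL
    syntax; 'absent': value not found in this query."""
    tokens = [(m.lastgroup, m.start(), m.end()) for m in TOKEN.finditer(query)]
    verdict = "absent"
    # The application may have doubled the quotes, so look for both forms.
    for needle in {value, value.replace("'", "''")}:
        start = query.find(needle) if needle else -1
        while start != -1:
            end = start + len(needle)
            hit = [t for t in tokens if t[1] < end and t[2] > start]
            if len(hit) == 1 and inside_literal(hit[0], start, end):
                verdict = "literal"
            elif len(hit) > 1 or (hit and hit[0][0] == "str"):
                return "structure"
            start = query.find(needle, start + 1)
    return verdict

# Constructed sample of (submitted value, recorded query) pairs.
SAMPLE_LOG = [
    ("alice", "SELECT * FROM users WHERE name = 'alice'"),
    ("O'Brien", "SELECT * FROM users WHERE name = 'O''Brien'"),
    ("x' OR '1'='1", "SELECT * FROM users WHERE name = 'x' OR '1'='1'"),
    ("x' OR '1'='1", "SELECT * FROM users WHERE name = 'x'' OR ''1''=''1'"),
    ("42 OR 1=1", "SELECT * FROM items WHERE id = 42 OR 1=1"),
]

def flagged(log):
    """Indexes of pairs where the input changed the query's structure."""
    return [i for i, (v, q) in enumerate(log) if classify(v, q) == "structure"]

if __name__ == "__main__":
    for value, query in SAMPLE_LOG:
        print(classify(value, query), "|", value, "|", query)
```

Only values copied verbatim (or with doubled quotes) into the query are matched; an input the application encodes or transforms before building the SQL is reported as `absent`.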