Wednesday, August 29, 2012

Nmap Script to find SQL injection vulnerability

Share this article :

Nmap Releases a new script "http-sql-injection.nse" to find  SQL injection vulnerability using HTTP Spiders. 

Spiders an HTTP server looking for URLs containing queries vulnerable to an SQL injection attack. It also extracts forms from found websites and tries to identify fields that are vulnerable.

The script spiders an HTTP server looking for URLs containing queries. It then proceeds to combine crafted SQL commands with susceptible URLs in order to obtain errors. The errors are analysed to see if the URL is vulnerable to attack. This uses the most basic form of SQL injection but anything more complicated is better suited to a standalone tool.

Facebook Comments Plugin by Master cMs>

Do you like this post? Please link back to this article by copying one of the codes below.

URL Of Post:


HTML Link Code:

BB (forum) link code:

0 comments:

Post a Comment

 

Sponsor

To Top Page Up Page Down To Bottom Auto Scroll Stop Scroll