News

Tool Tuesday – sqlmap

Oct 22, 2019

Is your web application vulnerable to SQL Injection? With sqlmap you can test it.

First things first: A SQL Injection is a vulnerability in a web application that allows SQL commands to be sent to the database because the web application has not implemented appropriate countermeasures. More information can be found at: https://www.owasp.org/index.php/SQL_Injection. If you find evidence of such a vulnerability, you can use sqlmap to accurately verify the vulnerability.

sqlmap is a commandline tool for automated checking for SQL injections. This tool provides a wealth of options. sqlmap uses all known techniques to detect SQL injection, like Boolean-based, Time-based, Error-based, UNION-based and Stacked queries. The aggression with which sqlmap proceeds can also be set to control the impact on network traffic.

If a vulnerability is detected, sqlmap can also be used to exploit this vulnerability. The tool is able to detect the used database  systems, extract single tables or create an dump of the complete database. In some cases it is also possible to get a shell to the operating system of the database server.

More information can be found at: http://sqlmap.org/

 

 

Are you not sure whether SQL Injections are possible in your application? Please feel free to contact us!

Recent posts

Attack Afternoon – CSRF

CSRF stands for “Cross-Site Request Forgery” and is a classic among web application attacks. With this attack, it is possible to perform certain user actions without them noticing it. But how exactly does this attack work?

read more

mgm sp @ Dresden

Our second office is located in Dresden, the capital of Saxony. Come have a look at our office there!

read more

Wenn Sie auf der Seite weitersurfen, stimmen Sie der Cookie-Nutzung zu.
If you continue to visit the site, you agree to the use of cookies.
Privacy Policy / Cookie Policy

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close