False negative related to SQL Injection #100
Comments
It would require writing new tests for SQLi to detect it using
Here is a short code we can integrate that will generate text (
I think integrating this into OFFAT is fairly easy - i.e. OFFAT can generate the file and potentially run sqlmap and bundle the results from it. The issue is that
Actually, sqlmap offers an API to communicate effectively with it. What can be done here is to format data into a file to be ingested & processed by sqlmap, run the task, then keep pinging the API every x seconds to see if it has finished or not.
The endpoint:
https://brokencrystals.com/api/testimonials/count?query=%27
is vulnerable to an SQL injection.

The endpoint does NOT return a `50X` error when the SQL injection occurs, thus `STATUS_CODE_FILTER` doesn't catch it.

I believe it would be a smart idea to look for common SQL errors such as:
' - unterminated quoted string at or near "'"
Other errors are listed here:
https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05-Testing_for_SQL_Injection
I can't easily find one 'list' that has all the SQL errors
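
An added example (not code from OFFAT or from this issue) of the check proposed above: scan the response body for DBMS error signatures regardless of status code, and ignore signatures that already appear in an unmodified baseline response. The signature list is a small, non-exhaustive sample; the function names, the baseline comparison and the sample responses are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

# Small, non-exhaustive sample of DBMS error signatures (assumed list).
SQL_ERROR_PATTERNS = {
    "PostgreSQL": [r"unterminated quoted string at or near",
                   r"syntax error at or near"],
    "MySQL": [r"You have an error in your SQL syntax"],
    "Microsoft SQL Server": [r"Unclosed quotation mark after the character string"],
    "Oracle": [r"\bORA-\d{5}\b"],
    "SQLite": [r"unrecognized token:", r'near ".*?": syntax error'],
}
_COMPILED = [(dbms, re.compile(pattern, re.IGNORECASE))
             for dbms, patterns in SQL_ERROR_PATTERNS.items()
             for pattern in patterns]


@dataclass(frozen=True)
class Finding:
    dbms: str
    evidence: str      # text that matched the signature
    status_code: int   # recorded for the report, never used to decide


def check_response(baseline_body, probe_status, probe_body):
    """Return signatures seen in the probe response but not in the baseline.

    baseline_body: body returned for an unmodified, benign request.
    probe_body:    body returned after a quote was placed in the parameter.
    Comparing against the baseline avoids flagging pages that always contain
    such text (documentation, error catalogues).
    """
    findings = []
    for dbms, regex in _COMPILED:
        match = regex.search(probe_body)
        if match and not regex.search(baseline_body):
            findings.append(Finding(dbms, match.group(0), probe_status))
    return findings


# Constructed sample responses (hypothetical bodies and status code).
BASELINE_BODY = '{"count": 5}'
PROBE_BODY = '{"error": "unterminated quoted string at or near \\"\'\\""}'
DOCS_BODY = "<p>MySQL reports: You have an error in your SQL syntax</p>"

if __name__ == "__main__":
    for f in check_response(BASELINE_BODY, 200, PROBE_BODY):
        print(f"possible SQLi: {f.dbms} error in HTTP {f.status_code} body: {f.evidence}")
```

Because the decision depends only on the body, a filter on `50X` status codes can stay in place alongside this check without hiding the finding.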