MYSQL TESTING
 
 
 
  
  
 
SQL injection allows an attacker to access the SQL server. It allows the execution of SQL
code under the privileges of the user used to connect to the database.
 
 
How to Test
 
 
When a SQL injection is found with MySQL as the DBMS backend, there are a number of attacks that could be accomplished, depending on the MySQL version and the user privileges on the DBMS.
 
MySQL quote escaping is the following:
'A string with \'quotes\''
 
 
Every version has a set of features proportional to its version number:
  
 
* From Version 4.0: UNION
* From Version 4.1: Subqueries
* From Version 5.0: Stored procedures, Stored functions and the view named INFORMATION_SCHEMA
* From Version 5.0.2: Triggers
  
We will talk more about MySQL injection later, in the next module.

In this part I'll use an automated tool.
 
 
 
 
 
In this video we will discover how to use w3af, based on MySQL errors, using SQLMAP.
 
 
What the SQL injection script does:

 1- The plugin sends the string d'z"0 to every injection point

 2- and searches for SQL errors in the response body

This is where it creates the vuln:

  Code:
  v.setDesc( 'SQL injection in a '+ v['db'] +' was found at: ' + mutant.foundAt() )

And here is where it discovers it:
 
 
 
 
  Code:
            # MYSQL
            errors.append( ('supplied argument is not a valid MySQL', dbms.MYSQL ) )
            errors.append( ('Column count doesn\'t match value count at row', dbms.MYSQL ) )
            errors.append( ('mysql_fetch_array\\(\\)', dbms.MYSQL ) )
            errors.append( ('mysql_', dbms.MYSQL ) )
            errors.append( ('on MySQL result index', dbms.MYSQL ) )
            errors.append( ('You have an error in your SQL syntax;', dbms.MYSQL ) )
            errors.append( ('You have an error in your SQL syntax near', dbms.MYSQL ) )
            errors.append( ('MySQL server version for the right syntax to use', dbms.MYSQL ) )
            errors.append( ('\\[MySQL\\]\\[ODBC', dbms.MYSQL ))
            errors.append( ("Column count doesn't match", dbms.MYSQL ))
            errors.append( ("the used select statements have different number of columns", dbms.MYSQL ))
            errors.append( ("Table '[^']+' doesn't exist", dbms.MYSQL ))
            errors.append( ("DBD::mysql::st execute failed", dbms.MYSQL ))
            errors.append( ("DBD::mysql::db do failed:", dbms.MYSQL ))
  
 
 
And now, to watch this video on the vbspiders broadcast (it's always online):

  Code:
  http://player.vimeo.com/video/19789056

Password: vbspiders.com
 
 
 Best Regards  
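
An added example (not part of the original post and not w3af's own code) of the error-signature check described above, useful for verifying that your own application does not leak MySQL errors. The function names and the response bodies are constructed for illustration, and the baseline comparison goes beyond what the post describes: it reports only signatures that appear after the probe, so pages that already mention e.g. mysql_ in normal content are not flagged.

```python
import re

# Signatures taken from the MySQL list quoted in the post.
MYSQL_ERROR_PATTERNS = [
    r"supplied argument is not a valid MySQL",
    r"Column count doesn't match value count at row",
    r"mysql_fetch_array\(\)",
    r"mysql_",
    r"on MySQL result index",
    r"You have an error in your SQL syntax;",
    r"You have an error in your SQL syntax near",
    r"MySQL server version for the right syntax to use",
    r"\[MySQL\]\[ODBC",
    r"Column count doesn't match",
    r"the used select statements have different number of columns",
    r"Table '[^']+' doesn't exist",
    r"DBD::mysql::st execute failed",
    r"DBD::mysql::db do failed:",
]
_COMPILED = [re.compile(p, re.IGNORECASE) for p in MYSQL_ERROR_PATTERNS]


def find_mysql_errors(body):
    """Return every signature (in list order) that matches the body."""
    return [rx.pattern for rx in _COMPILED if rx.search(body)]


def new_errors(baseline_body, probe_body):
    """Signatures present only in the response to the probe string."""
    before = set(find_mysql_errors(baseline_body))
    return [p for p in find_mysql_errors(probe_body) if p not in before]


# Constructed response bodies (hypothetical, not captured from a real site).
BASELINE = "<html><h1>PHP tutorial</h1><p>mysql_connect() is deprecated.</p></html>"
PROBE_ERROR = BASELINE + (
    "<b>Warning</b>: You have an error in your SQL syntax; check the manual "
    "that corresponds to your MySQL server version for the right syntax to "
    "use near 'z\"0'' at line 1"
)
PROBE_CLEAN = BASELINE  # parameterised query: the probe is treated as data

if __name__ == "__main__":
    print("baseline hits:", find_mysql_errors(BASELINE))
    print("leaked after probe:", new_errors(BASELINE, PROBE_ERROR))
    print("clean after probe:", new_errors(BASELINE, PROBE_CLEAN))
```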
        