'인젝션'에 해당되는 글 3건

  1. 2010.09.08 SQL injection Tools by 잠수콩
  2. 2010.03.24 asp - sql injection 방지 function by 잠수콩
  3. 2008.11.13 ms-sql 2000 SQL인젝션방지용 쿼리문 by 잠수콩



이름 : sqlninja
설명 : a SQL Server injection & takeover tool
URL : http://sqlninja.sourceforge.net/
버전 : 0.2.1-r1

이름 : sqlmap
설명 : an automatic SQL injection tool entirely developed in Python
버전 : 0.5
URL : http://sqlmap.sourceforge.net


<15 free SQL Injection Scanner>
SQLIer - SQLIer takes a vulnerable URL and attempts to determine all the necessary information to exploit the SQL Injection vulnerability by itself, requiring no user interaction at all. Get SQLIer.

SQLbftools
- SQLbftools is a collection of tools to retrieve MySQL information available using a blind SQL Injection attack. Get SQLbftools.

SQL Injection Brute-forcer
- SQLibf is a tool for automatizing the work of detecting and exploiting SQL Injection vulnerabilities. SQLibf can work in Visible and Blind SQL Injection. It works by doing simple logic SQL operations to determine the exposure level of the vulnerable application. Get SQLLibf.

SQLBrute
- SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn’t require non-standard libraries. Get SQLBrute.

BobCat
- BobCat is a tool to aid an auditor in taking full advantage of SQL injection vulnerabilities. It is based on AppSecInc research. It can list the linked severs, database schema, and allow the retrieval of data from any table that the current application user has access to. Get BobCat.

SQLMap
- SQLMap is an automatic blind SQL injection tool, developed in python, capable to perform an active database management system fingerprint, enumerate entire remote databases and much more. The aim of SQLMap is to implement a fully functional database management system tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities. Get SQLMap.

Absinthe
-
Absinthe is a GUI-based tool that automates the process of downloading the schema and contents of a database that is vulnerable to Blind SQL Injection. Get Absinthe.

SQL Injection Pen-testing Tool
- The SQL Injection Tool is a GUI-based utility designed to examine database through vulnerabilities in web-applications. Get SQL Injection Pen-testing tool.

SQID
-
SQL Injection digger (SQLID) is a command line program that looks for SQL injections and common errors in websites. It can perform the follwing operations: look for SQL injection in a web pages and test submit forms for possible SQL injection vulnerabilities. Get SQID.

Blind SQL Injection Perl Tool
- bsqlbf is a Perl script that lets auditors retrieve information from web sites that are vulnerable to SQL Injection. Get Blind SQL Injection Perl Tool.

SQL Power Injection Injector
- SQL Power Injection helps the penetration tester to inject SQL commands on a web page. It’s main strength is its capacity to automate tedious blind SQL injection with several threads. Get SQL Power Injection.

FJ-Injector Framwork
- FG-Injector is a free open source framework designed to help find SQL injection vulnerabilities in web applications. It includes a proxy feature for intercepting and modifying HTTP requests, and an interface for automating SQL injection exploitation. Get FJ-Injector Framework.

SQLNinja
- SQLNinja is a tool to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end database. Get SQLNinja.

Automagic SQL Injector
- The Automagic SQL Injector is an automated SQL injection tool designed to help save time on penetration testing. It is only designed to work with vanilla Microsoft SQL injection holes where errors are returned. Get Automagic SQL Injector.

NGSS SQL Injector
- NGSS SQL Injector exploit vulnerabilities in SQL injection on disparate database servers to gain access to stored data. It currently supports the following databases: Access, DB2, Informix, MSSQL, MySQL, Oracle, Sysbase. Get NGSS SQL Injector


출처 : http://pgclks.tistory.com/97?srchid=BR1http%3A%2F%2Fpgclks.tistory.com%2F97
저작자 표시 비영리 변경 금지
신고
Posted by 잠수콩



 Function IsInjectionParam()
  Dim QueryString
  QueryString = LCase(Request.ServerVariables("QUERY_STRING"))

  IsInjectionParam = False
  If InStr(QueryString, "execute") > 0 Or InStr(QueryString, "xp_") > 0 Or InStr(QueryString, "sp_") > 0 Then
   IsInjectionParam = True
   Exit Function
  End If

  If (InStr(QueryString, "select") > 0 And InStr(QueryString, "from") > 0) Or (InStr(QueryString, "update") > 0 And InStr(QueryString, "set") > 0) Or (InStr(QueryString, "delete") > 0 And InStr(QueryString, "from") > 0) Then
   IsInjectionParam = True
   Exit Function
  End If
  If InStr(QueryString, "truncate") > 0 Or (InStr(QueryString, "table") > 0 And (InStr(QueryString, "drop") > 0 Or InStr(QueryString, "create") > 0 Or InStr(QueryString, "alter") > 0)) Then
   IsInjectionParam = True
   Exit Function
  End If
  If  (InStr(QueryString, "net") > 0 And (InStr(QueryString, "localgroup") > 0 Or InStr(QueryString, "user") > 0)) Then
   IsInjectionParam = True
   Exit Function
  End If

  If  (InStr(QueryString, "<")) > 0 And (InStr(QueryString, "script")) > 0 Then
   IsInjectionParam = True
   Exit Function
  End If
  
  If  (InStr(QueryString, "3C")) > 0 And (InStr(QueryString, "script")) > 0 Then
   IsInjectionParam = True
   Exit Function
  End If

  If  (InStr(QueryString, "script")) > 0 Then
   IsInjectionParam = True
   Exit Function
  End If

  If  (InStr(QueryString, "'")) > 0 Or (InStr(QueryString, "%27")) > 0Then
   IsInjectionParam = True
   Exit Function
  End If

  If  (InStr(QueryString, "+or")) > 0 Then
   IsInjectionParam = True
   Exit Function
  End If

 End Function

저작자 표시 비영리 변경 금지
신고
Posted by 잠수콩


설치 후 해당 쿼리를 이용해서 제거 해주세요 위부터 하시면 됩니다
============================================================================
불필요한 권한 삭제

1) master database
REVOKE EXECUTE ON xp_regread FROM public
REVOKE EXECUTE ON xp_instance_regread FROM public
REVOKE EXECUTE ON dbo.sp_runwebtask FROM public

2) msdb database
REVOKE EXECUTE ON sp_add_job FROM public
REVOKE EXECUTE ON sp_add_jobstep FROM public
REVOKE EXECUTE ON sp_add_jobserver FROM public
REVOKE EXECUTE ON sp_start_job FROM public
REVOKE ALL ON dbo.mswebtasks FROM public
REVOKE EXECUTE ON sp_enum_dtspackages FROM public
REVOKE EXECUTE ON sp_get_dtspackage FROM public
REVOKE EXECUTE ON sp_get_sqlagent_properties FROM public

3) 시스템 명령이 가능한 확장 프로시저 제거 합니다
USE master
GO
IF OBJECT_ID('[dbo].[xp_cmdshell]') IS NOT NULL BEGIN
   EXEC sp_dropextendedproc 'xp_cmdshell'
END
GO
EXEC sp_addextendedproc 'xp_cmdshell', 'xplog70.dll'
GO
USE master
GO
IF OBJECT_ID('[dbo].[xp_cmdshell]') IS NOT NULL BEGIN
   EXEC sp_dropextendedproc 'xp_cmdshell'
END
GO

4) 쿼리를 이용해서 제거 하여도  dll 파일은 남아 있습니다
    아래와 같이 지워 줍니다
dbcc xp_cmdshell(free)
dbcc xp_cmdshell(free)
dbcc xp_dirtree(free)
dbcc xp_regdeletekey(free)
dbcc xp_regenumvalues(free)
dbcc xp_regread(free)
dbcc xp_regwrite(free)
dbcc sp_makewebtask(free)
dbcc sp_adduser(free)

=============================================================================
 mssql 인젝션방지용...
=============================================================================
use master
go
 
---- SQL 인젝션방지용 
 
DENY  EXECUTE  ON [master].[dbo].[xp_subdirs] TO [guest] CASCADE 
DENY  EXECUTE  ON [master].[dbo].[xp_dirtree] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_availablemedia] TO [guest] CASCADE
 
DENY  EXECUTE  ON [master].[dbo].[xp_regwrite] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_regread] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_regaddmultistring] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_regdeletekey] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_regdeletevalue] TO [guest] CASCADE  
DENY  EXECUTE  ON [master].[dbo].[xp_regremovemultistring] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_regaddmultistring] TO [guest] CASCADE
 
--일반 사용자의 물리적인 파일 접근을 차단
DENY  EXECUTE  ON [master].[dbo].[xp_fileexist] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_fixeddrives] TO [guest] CASCADE
DENY  EXECUTE  ON [master].[dbo].[xp_getfiledetails] TO [guest] CASCADE
go


저작자 표시 비영리 변경 금지
신고

'쿼리_SQL' 카테고리의 다른 글

ms-sql UPDATE 문을 제대로 써보자!  (0) 2008.11.13
MS-SQL 랭킹(순위) 매기기  (0) 2008.11.13
ms-sql 2000 SQL인젝션방지용 쿼리문  (0) 2008.11.13
Cursor 사용 예제  (0) 2008.11.12
MS-SQL 2000 보안 쿼리문  (0) 2008.11.12
tempDB 로그 삭제  (0) 2008.11.12
Posted by 잠수콩