Features of Sqlifuzzer:
- Payloads/tests for numeric, string, error and time-based SQL injection
- Support for MSSQL, MySQL and Oracle DBMSs
- Automated testing of ‘tricky’ parameters like POST URL query and multipart form parameters
- A range of filter evasion options:
  - Case variation, nesting, double URL encoding, comments for spaces, ‘like’ for ‘equals’ operator, intermediary characters, null and CRLF prefixes, HTTP method swapping (GETs become POSTs / POSTs become GETs)
- Enumerate select query column numbers
- Identify data-type string columns in select queries
- Extract database schema and configuration information
- Halt a scan at any time – scan progress is saved and you can easily resume a scan from the URL where you stopped
- Specify a specific request number to resume a scan from
- Links/buttons to send Proof of Concept SQL injection requests
- Links to response difference files and to extracted data
The only feature sqlifuzzer does not have as of now is a web spider. Because of this, it depends on Burp Proxy's log files to build its internal list of fuzz requests. This logging feature is available in the free version of Burp Suite.
It depends on certain pre-defined files, which can be edited to include your own entries. For example, you can add your own MySQL, Oracle or MSSQL payloads, add your own time delay payloads, etc. All of these files can be found in the payload directory.
Presumably, sqlifuzzer depends on Burp Suite. Additionally, you need bash, cURL and replace. Some systems need a few modifications. Sqlifuzzer is built and tested on BT5-R1 and runs flawlessly.
Sqlifuzzer 0.5g – sqlifuzzer-0.5g.tgz – http://sqlifuzzer.googlecode.com/files/sqlifuzzer-0.5g.tgz
Source: PenTestIT