Improve artemis/modules/data/nuclei_templates_custom/error-based-sql-injection.yaml

Open kazet opened this issue 10 months ago • 2 comments

Currently, this Nuclei template detects SQL errors.

We should ensure that on a page without injections no error appears, to filter out false positives where an error always appears, so there's no SQLi present.

Avoid duplicating the huge list of detected strings.

Detect also: "Uncaught Error: Call to a member function fetch_assoc() on bool"

Inject also ", not only '

Bonus points: detect time-based SQL injection

kazet avatar Apr 05 '24 12:04 kazet

Sure! Let's assume you have a PHP site that always (regardless of the parameters) runs an incorrect SQL query and prints a SQL error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'id = 1' at line 1

kazet avatar Apr 08 '24 17:04 kazet

Detect also HTTP error 500

kazet avatar Jul 11 '24 09:07 kazet
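The baseline comparison requested in this thread, sketched as an added Python example (not code from Artemis or from the Nuclei template): a signal is reported only when it is absent from the response to the unmodified request. The function names, the two-entry signature table, the sample responses and the rule that a 500 counts only when the baseline was not a 500 are assumptions made for illustration.

```python
import re

# One shared signature table, so baseline and probe checks never duplicate it.
# Constructed two-entry subset; both strings are quoted in the issue.
SQL_ERROR_SIGNATURES = {
    "mysql_syntax": re.compile(r"You have an error in your SQL syntax"),
    "php_fetch_assoc_on_bool": re.compile(
        r"Call to a member function fetch_assoc\(\) on bool"),
}


def sql_errors(body):
    """Names of the signatures that occur in a response body."""
    return {name for name, rx in SQL_ERROR_SIGNATURES.items() if rx.search(body)}


def classify(baseline, probes):
    """Report only signals that the unmodified request did not already show.

    baseline: (status, body) of the request without any injected character.
    probes:   {injected_char: (status, body)} for each quote character tried.
    """
    base_status, base_body = baseline
    base_errors = sql_errors(base_body)
    findings = []
    for char, (status, body) in probes.items():
        new_errors = sorted(sql_errors(body) - base_errors)
        # Assumption: a 500 counts only if the baseline request was not a 500.
        new_500 = status == 500 and base_status != 500
        if new_errors or new_500:
            findings.append({"injected": char, "new_errors": new_errors,
                             "new_500": new_500})
    return findings


# Constructed responses (no network access involved).
MYSQL_ERR = ("You have an error in your SQL syntax; check the manual that "
             "corresponds to your MySQL server version for the right syntax "
             "to use near 'id = 1' at line 1")
FETCH_ERR = "Uncaught Error: Call to a member function fetch_assoc() on bool"

ALWAYS_BROKEN = classify((200, MYSQL_ERR),
                         {"'": (200, MYSQL_ERR), '"': (200, MYSQL_ERR)})
ERROR_ON_QUOTE = classify((200, "<h1>Product 1</h1>"),
                          {"'": (200, FETCH_ERR), '"': (200, "<h1>Product 1</h1>")})
SERVER_ERROR = classify((200, "ok"), {"'": (200, "ok"), '"': (500, "")})
```

`ALWAYS_BROKEN` is empty because the page prints the same error with and without a quote, which is the false positive described in the first comment.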