Detecting SQL Injection Vulnerability using OWASP ZAP


Definition-
A SQL injection attack consists of insertion or “injection” of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database etc.

Detecting sql injection vulnerability using zap:-
Steps:-
1. install [ Ссылка ]. run it on a port other than port of your zap.
docker run -p 8080:8080 -p 9090:9090 -p 80:8888 -e TZ=Europe/Amsterdam webgoat/goatandwolf:latest
2. Attacking the targetted request using active scan
3. Attacking the targetted request using Fuzzing technique.


Some measures against sql injection, These dp not eliminate SQL injection, but minimizes its impact. :
1. Do not create dynamic SQL queries using simple string concatenation.
2. Verify all data received from the client. Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.
3. Apply the principle of least privilege by using the least privileged database user possible. In particular, avoid using the 'sa' or 'db-owner' database users.
4. Grant the minimum database access that is necessary for the application.

свернуть