Hack-X-Crypt by Ujjwal Sahay - HTML preview


img79.png

One of the easiest tools for testing SQL injection is the Firefox extension named SQL Inject ME. After you install the extension, the tool is available in the right-click context menu, as well as from Tools → Options. The sidebar of SQL Inject ME is shown in the next screenshot, and as you can see there are many tests you can run:

img80.png

You can choose which tests to run and which values to test. When you press one of the Test buttons, the selected tests will start. When the tests are done, you will see a report of how the tests ended.

There are many options you can set for the SQL Inject ME extension, as shown in the next two pictures:

img81.png

img82.png

As you see, there are many steps you can take in order to clean your code from potential SQL injection vulnerabilities. Don't neglect these simple steps because if you do, you will compromise the security not only of your sites but also of all the sites that are hosted with your web hosting provider.
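The kind of check a form tester performs can be reproduced locally against your own code. The following is an added example, not code from the book or from SQL Inject ME: it submits a few constructed test values to two hypothetical login handlers, one that concatenates input into the query and one that uses placeholders, and reports a result per value. The table, column and function names are assumptions made for the example.

```python
import sqlite3

# Constructed sample data; table and column names are assumptions for this example.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("bob", "hunter2")])
    return db

def login_concat(db, name, password):
    # Vulnerable form: user input is pasted into the SQL text.
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchall()

def login_param(db, name, password):
    # Hardened form: placeholders keep input as data, never as SQL.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchall()

# Constructed test values of the kind a form tester submits.
TEST_VALUES = ["'", "' OR '1'='1", "x' OR 'a'='a"]

def run_tests(handler):
    """Submit each test value in the password field; report one result per value."""
    db = make_db()
    report = {}
    for value in TEST_VALUES:
        try:
            rows = handler(db, "alice", value)
            # No test value is alice's real password, so any row is a failure.
            report[value] = "FAIL: rows returned" if rows else "pass"
        except sqlite3.Error as exc:
            # A database error here means the input reached the SQL parser.
            report[value] = "FAIL: SQL error (%s)" % type(exc).__name__
    return report

if __name__ == "__main__":
    for label, handler in (("concatenated", login_concat),
                           ("parameterized", login_param)):
        print(label)
        for value, result in run_tests(handler).items():
            print("  %-16r %s" % (value, result))
```

Every test value fails against the concatenated handler and passes against the parameterized one, which is the result to aim for in your own report.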