From ba46e3812547b578e432e79d114b1127a0ef86bb Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Thu, 19 Sep 2019 12:08:11 +0200
Subject: [PATCH] Improvement of SQLi detection

---
 bin/SQLInjectionDetection.py | 138 ++++++-----------------------------
 1 file changed, 24 insertions(+), 114 deletions(-)

diff --git a/bin/SQLInjectionDetection.py b/bin/SQLInjectionDetection.py
index ffb21003..f46a740e 100755
--- a/bin/SQLInjectionDetection.py
+++ b/bin/SQLInjectionDetection.py
@@ -14,7 +14,6 @@ It test different possibility to makes some sqlInjection.
 import time
 import datetime
 import redis
-import string
 import urllib.request
 import re
 from pubsublogger import publisher
@@ -22,131 +21,42 @@ from Helper import Process
 from packages import Paste
 from pyfaup.faup import Faup
 
-# Config Var
-
-regex_injection = []
-word_injection = []
-word_injection_suspect = []
-
-# Classic atome injection
-regex_injection1 = "([[AND |OR ]+[\'|\"]?[0-9a-zA-Z]+[\'|\"]?=[\'|\"]?[0-9a-zA-Z]+[\'|\"]?])"
-regex_injection.append(regex_injection1)
-
-# Time-based attack
-regex_injection2 = ["SLEEP\([0-9]+", "BENCHMARK\([0-9]+", "WAIT FOR DELAY ", "WAITFOR DELAY"]
-regex_injection2 = re.compile('|'.join(regex_injection2))
-regex_injection.append(regex_injection2)
-
-# Interesting keyword
-word_injection1 = [" IF ", " ELSE ", " CASE ", " WHEN ", " END ", " UNION ", "SELECT ", " FROM ", " ORDER BY ", " WHERE ", " DELETE ", " DROP ", " UPDATE ", " EXEC "]
-word_injection.append(word_injection1)
-
-# Database special keywords
-word_injection2 = ["@@version", "POW(", "BITAND(", "SQUARE("]
-word_injection.append(word_injection2)
-
-# Html keywords
-word_injection3 = ["