Title: SQL injection attacks with the AMPA suite
Authors: Simone Cecchini; Diane Gan
Addresses: C-SAFE Centre, School of Computing and Mathematical Sciences, University of Greenwich, London SE10 9LS, UK; C-SAFE Centre, School of Computing and Mathematical Sciences, University of Greenwich, London SE10 9LS, UK
Abstract: The suite of tools presented here was developed to exploit the lack of sanitisation found in user inputs that reached a target database and sometimes even the server. The focus for the design of the tools was a BLIND SQL injection, the verbosity of the attack and the possibility to inject a web shell which enabled Meterpreter to open a reverse connection. The tools demonstrate how dangerous SQL injection can be, specifically on the AMP platforms. The method of reporting and the ease of use meant that the AMPA suite was a good set of tools for professional penetration testers, who may also require flexibility and customisation from open source software. An attack using the suite will be presented and the results discussed.
Keywords: PHP; MySQL; Apache; BLIND SQL injection; UNION SELECT; PHP shell; AMP platforms; injecting through proxy; SQLInjector; SQLInstillator; AMPAnasia; Meterpreter reverse shell; AMPAsuite; web application security; security flaws; SQL injection attacks.
DOI: 10.1504/IJESDF.2013.055051
International Journal of Electronic Security and Digital Forensics, 2013 Vol.5 No.2, pp.139 - 160
Received: 04 Aug 2012
Accepted: 04 Apr 2013
Published online: 26 Jul 2014