Detecting SQL injection flaws
SQL injection is a vulnerability generated by weak input validation controls in an application. It allows a malicious user to execute arbitrary SQL code, which exposes the information stored, and, in some critical cases, allows complete control of the server where the application is residing.
There are three main ways to detect SQL injections using Burp Suite: first, by manually inserting testing strings; second, by using the scanner; and third, by using an extension called CO2, which uses sqlmap in the background, a tool for exploiting and detecting SQL injections. Let's take a look at these three methods.
Manual detection
Manual detection means to analyze request by request, using just the Proxy tool and Intruder tool, to detect an error or an unexpected behavior to detect SQL injection.
Imagine you have an application that allows the user to see information about the users registered in a database; to do that, the application will use the following request:
GET...
