Finding SQL injection vulnerabilities
SQL injection vulnerabilities are caused by the lack of sanitation of user input, and they allow attackers to execute Database Management System (DBMS) queries that could compromise the entire system. This type of web vulnerability is widespread, and because each script variable must be tested, checking for such vulnerabilities can be a very tedious task. Fortunately, we can use Nmap to scan a web server looking for SQL injection vulnerabilities quickly.
This recipe shows how to find SQL injection vulnerabilities in web applications with Nmap NSE.
How to do it...
To find SQL injection vulnerabilities in web servers with Nmap, use the following command:
$ nmap -sV --script http-sql-injection <target>
All vulnerable files will be shown with the payload used:
PORT STATE SERVICE 80/tcp open     http syn-ack | http-sql-injection: |    Possible sqli for queries: |_   ...