Hello friends. At present I am doing a project regarding SQL injection. I am doing it in such a way that it will find the SQL injection independent of the server-side scripting, whether it may be JSP or ASP or PHP. Now the major problem is I have to extract the SQL query from the web page. That is, when I press the submit button, for instance, the request from the web server to the database will be sent in the form of an SQL statement. So my problem is to capture that SQL statement.

Any suggestions of how to do it?

Thanks in advance

+1  A: 

You can't capture a server-based SQL script, and any website that generates the SQL in JavaScript is just asking you to break their site.

ck
+1  A: 

You can put a proxy between your web application and the RDBMS. Some systems (MySQL, for example) come with such a proxy.

troelskn
A: 

Some SQL servers have a feature for recording processed SQL queries (MSSQL has the SQL Profiler, for example). If an SQL server does not have this feature, you can catch the SQL queries with a proxy in the network (web application ----> your proxy ----> SQL server).

You should pair the input values and recorded queries.

The problem of searching for the SQL queries in code is very complex and, I think, impossible. The SQL query does not have to be in plain-text form, or it can be created dynamically.

For example:

// this will produce an SQL query
var q1 = from p in db.Products where p.Size > 1000 && p.Count < 5 orderby p.Name select p;

// this will not produce any SQL query
var q2 = from c in ColumnsOf( db.Products ) where c.Contains( "Name" ) select c.Type;

// this will produce an SQL query, built dynamically as a string
var tmp = "SELECT ";
for(int i = 0; i < columns.Length; i++ ) {
    if ( i > 0 ) { tmp += ", "; }
    tmp += columns[i].Name;
}
tmp += " FROM " + someTextVariable; // leading space keeps FROM apart from the last column name
TcKs
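
The pairing of input values with recorded queries described in the answer above, as an added example that is not part of the original answers: each form field is submitted once with a plain unique token and once with a token followed by a single quote, and the queries recorded by the proxy or profiler are compared by structure. The function names, tokens and sample log are constructed for illustration.

```python
import re

# A single-quoted SQL string ('' is an escaped quote) or a numeric literal.
LITERAL = re.compile(r"'(?:[^']|'')*'|\b\d+(?:\.\d+)?\b")

def skeleton(sql):
    """Reduce a query to its structure: literals become '?', whitespace collapses."""
    return re.sub(r"\s+", " ", LITERAL.sub("?", sql)).strip().lower()

def paired(token, recorded):
    """Skeletons of the recorded queries that carry the token sent in a form field."""
    return {skeleton(q) for q in recorded if token in q}

def check_fields(fields, recorded):
    """fields maps a form field to (plain_token, quoted_token).

    The plain token was submitted as-is; the quoted token was submitted
    followed by 'x (a value containing one single quote, like O'Brien).
    Returns True if the quote changed the query structure (input reaches the
    SQL text unescaped), False if not, None if the tokens were never seen
    (bound parameters not rendered in the log, or the pairing failed).
    """
    result = {}
    for field, (plain_token, quoted_token) in fields.items():
        plain, quoted = paired(plain_token, recorded), paired(quoted_token, recorded)
        result[field] = (plain != quoted) if plain and quoted else None
    return result

# Constructed sample: queries as a proxy or profiler might record them.
RECORDED = [
    "SELECT id, name FROM products WHERE name = 'zq7a'",
    "SELECT id, name FROM products WHERE name = 'zq7b'x'",   # concatenated
    "SELECT id FROM users  WHERE login = 'zq8a'",
    "SELECT id FROM users WHERE login = 'zq8b''x'",          # quote escaped
    "SELECT COUNT(*) FROM sessions WHERE age > 30",          # unrelated
]
FIELDS = {"name": ("zq7a", "zq7b"), "login": ("zq8a", "zq8b"),
          "comment": ("zq9a", "zq9b")}

if __name__ == "__main__":
    for field, verdict in check_fields(FIELDS, RECORDED).items():
        print(field, verdict)
```

Because the comparison works on the recorded SQL text, it is independent of whether the page was produced by JSP, ASP or PHP.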