Libinjection : SQL / SQLI Tokenizer Parser Analyzer

Libinjection is a SQL / SQLI tokenizer parser analyzer. For

• C and C++
• PHP
• Python
• Lua
• Java (external port)
• [LuaJIT/FFI] (https://github.com/p0pr0ck5/lua-ffi-libinjection) (external port)

Simple example

#include
#include
#include
#include “libinjection.h”
#include “libinjection_sqli.h”
int main(int argc, const char* argv[])
{
struct libinjection_sqli_state state;
int issqli;
const char* input = argv[1];
size_t slen = strlen(input);
/* in real-world, you would url-decode the input, etc */
libinjection_sqli_init(&state, input, slen, FLAG_NONE);
issqli = libinjection_is_sqli(&state);
if (issqli) {
fprintf(stderr, “sqli detected with fingerprint of ‘%s’\n”, state.fingerprint);
}
return issqli;
}

$ gcc -Wall -Wextra examples.c libinjection_sqli.c
$ ./a.out “-1′ and 1=1 union/* foo */select load_file(‘/etc/passwd’)–“
sqli detected with fingerprint of ‘s&1UE’

More advanced samples:

• sqli_cli.c
• reader.c
• fptool

VERSION INFORMATION

Versions are listed as “major.minor.point”

Major are significant changes to the API and/or fingerprint format. Applications will need recompiling and/or refactoring.

Minor are C code changes. These may include

• logical change to detect or suppress
• optimization changes
• code refactoring

Point releases are purely data changes. These may be safely applied.

QUALITY AND DIAGNOSITICS

The continuous integration results at https://travis-ci.org/client9/libinjection tests the following:

• build and unit-tests under GCC
• build and unit-tests under Clang
• static analysis using clang static analyzer
• static analysis using cppcheck
• checks for memory errors using valgrind
• code coverage online using coveralls.io