Libinjection is a SQL / SQLI tokenizer parser analyzer. For
Simple example
#include
#include
#include
#include “libinjection.h”
#include “libinjection_sqli.h”
int main(int argc, const char* argv[])
{
struct libinjection_sqli_state state;
int issqli;
const char* input = argv[1];
size_t slen = strlen(input);
/* in real-world, you would url-decode the input, etc */
libinjection_sqli_init(&state, input, slen, FLAG_NONE);
issqli = libinjection_is_sqli(&state);
if (issqli) {
fprintf(stderr, “sqli detected with fingerprint of ‘%s’\n”, state.fingerprint);
}
return issqli;
}
$ gcc -Wall -Wextra examples.c libinjection_sqli.c
$ ./a.out “-1′ and 1=1 union/* foo */select load_file(‘/etc/passwd’)–“
sqli detected with fingerprint of ‘s&1UE’
More advanced samples:
VERSION INFORMATION
Versions are listed as “major.minor.point”
Major are significant changes to the API and/or fingerprint format. Applications will need recompiling and/or refactoring.
Minor are C code changes. These may include
Point releases are purely data changes. These may be safely applied.
QUALITY AND DIAGNOSITICS
The continuous integration results at https://travis-ci.org/client9/libinjection tests the following:
Setting a static IP address on your server is a smart move. It ensures your…
Xrdp is an open-source implementation of the Microsoft Remote Desktop Protocol (RDP). It lets you access…
Managing user accounts is one of the most basic system administration tasks on any Linux…
Wine (short for "Wine Is Not an Emulator") is a compatibility layer that lets you run…
KVM (Kernel-based Virtual Machine) is an open-source virtualization technology built into the Linux kernel. It lets…
Ubuntu 20.04 LTS (code name Focal Fossa) was released on April 23, 2020. It is a…