• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Fatcat Automatic Web SQL Injector by Sandeep Kamble
 

Fatcat Automatic Web SQL Injector by Sandeep Kamble

on

  • 1,748 views

What is FatCat Sql injector: This is an automatic SQL Injection tool called as FatCat. ...

What is FatCat Sql injector: This is an automatic SQL Injection tool called as FatCat.

Fatcat Purpose? : For testing your web application and exploit your application into more deeper.

FatCat Support:
1)Mysql 5.0

FatCat Features?

Union Based Sql Injection
Error Based Sql Injection
MOD Security Bypass (WAF)

Statistics

Views

Total Views
1,748
Views on SlideShare
1,712
Embed Views
36

Actions

Likes
2
Downloads
19
Comments
0

3 Embeds 36

http://www.clubhack.tv 34
http://www.slashdocs.com 1
https://twitter.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Fatcat Automatic Web SQL Injector by Sandeep Kamble Fatcat Automatic Web SQL Injector by Sandeep Kamble Presentation Transcript

    • FatCat V2– Automatic Web [S]QL-InjectorSandeep Kamble AKA [S] Parason INC Blog : http://sandeepkamble.com Twitter: @SandeepL337
    • #/usr/bin/whoami•Narcissistic Vulnerability Pimp (aka SecurityResearcher for fun)•Listed in Google , Facebook , Twitter , Drop box ,Cloud flare , 500px , Lynda.com , Central DesktopSecurity Pages.•Ahhh ? What are those Vulnerabilities•Member of Garage4hackers.com & you can findPOC @G4h.
    • Index •Introducing FatCat Beta 2 •SQL Injection in Brief • FatCat Injgredients 1) DB Information & server Information gathering. 2) Normal SQL injection. 3) Error Based SQL injection. 4) WAF (Web Application Firewall)Bypass functions. •C-Style Mysql comment WAF Bypass •Buffer overflow WAF Bypass •CRLF WAF Bypass •Bypass with Information_schema.statics •Bypass with Information_schema.key_column_usage 5) Countermeasures 6) Demo
    • Provide Good Advise for GoodPeople Warning! : FatCat is being used for security research. All PHP files will be infected and all yours data will be collected. If you want to be safe, dont use this Tool. If you do that, dont send sensitive information. If after all you continue, do it on your own risk
    • Ladies gentleman introducingFatCat V2 1) It’s New , it’s cool to use , inject web! 2) Normal SQL injection 3) Error Based SQL injection 4) WAF (Web application firewall ) Bypass function. 5) Helpful to Pentester – You can create POC from anywhere . 6) It supports Mysql 5.0 7) Developed in PHP 8) FatCat made 3400+ Downloads on Code.google.com
    • SQL injection in Brief It’s me .. Hi, :/ “SQL Injection happens when user manipulate input & form a SQL Query. “ Sending payload !@#$%^&*()
    • FatCat Ingredients 1) DB Information & server Information gathering. 2) Normal SQL injection. 3) Error Based SQL injection. 4) WAF (Web Application Firewall)Bypass functions.
    • FatCat Ingredients1) DB Information & server Information gathering. By using MYSQL Statement , Db & Server information can be gathered 1. Finding Total Column Count 9. Max allowed Packet size • Order by n+1; • @@max_allowed_packet 2. Finding MySQL Version function • VERSION () Function 3. Finding current User • User() Function 4. Finding Data Directory • @@datadir Function 5. Finding Base Directory • @@basedir Function 6. Finding Host Name • @@hostname Function 7. Finding Operating System • @@version_compile_os Function 8. Finding Current Database name • Database() Function
    • FatCat Ingredients1) Normal SQL injection •It is also Know as Union SQL injection •Union help us to combine two result set of the select statement •Eg: Id=-2+Union+select+13371,13372,13373,13374-- -
    • FatCat Ingredients2) Error based SQL injection •It is also Know as Double Query SQL injection •Some times union based SQLi get fails that time you can use Error based SQLi • A query which confuse the DB engine and produce helpful mysql errors •Eg: select gmailid,(select password from id where id=9) As Google_India from id; Aww .. ! Double Query duplicate entry ~‘Clubhack_screte~1 for key 1 Sending payload !@#$W00T%^&*() FatCat web interface
    • FatCat Ingredients3) WAF (Web application Firewall) Bypass ?
    • FatCat Ingredients 1. Protection Against OWASP Top Ten! 2. Types of Vulnerabilities it can prevent. 3. Brute Force protection.In simple language , It’s Monitor HTTP conversation
    • FatCat Ingredients3) WAF (Web application Firewall) Bypass •We use Following Methods to bypass WAF •C-Style Mysql comment WAF Bypass •Buffer overflow WAF Bypass •CRLF WAF Bypass •Bypass with Information_schema.statics •Bypass with Information_schema.key_column_usage •Linux Based WAFS •AppArmor •ModSecurity - Also works under Mac OS X, Solaris and other versions of Unix. •Systrace •Zorp
    • FatCat Ingredients3) WAF (Web application Firewall) Bypass 1. Mysql Comment WAF bypass •Syntax /*! Mysql Statements */ •Example
    • FatCat Ingredients3) WAF (Webapplication Firwall) Bypass 1. Buffer Overflow WAF bypass •Syntax : ‘ AAAAAAAAAAAAAAAAAAAAAAAAAAAA Mysql Statement •Example:
    • FatCat Ingredients3) WAF (Webapplication Firwall) Bypass 1. CRLF WAF Bypass Syntax : %0A%0D+Mysql Statements+%0A%0 Example :
    • FatCat Ingredients3) WAF (Webapplication Firwall) Bypass 1. Bypass with information_schema.key_column_usage Example :
    • FatCat Ingredients3) WAF (Webapplication Firwall) Bypass 1. Bypass with information_schema.statics Example :
    • Countermeasures for SQLI
    • Lets Inject with FatCat
    • Any Questions ? A Gentleman never asks. A Lady never tells.
    • Thank you !</presentation>