Fatcat Automatic Web SQL Injector by Sandeep Kamble

What is the FatCat SQL injector: This is an automatic SQL injection tool called FatCat.

FatCat purpose: For testing your web application and exploiting it in more depth.

FatCat support:
1) MySQL 5.0

FatCat features:

Union-based SQL injection
Error-based SQL injection
ModSecurity bypass (WAF)


  1. FatCat V2 – Automatic Web [S]QL-Injector. Sandeep Kamble AKA [S], Parason INC. Blog: http://sandeepkamble.com Twitter: @SandeepL337
  2. #/usr/bin/whoami
     • Narcissistic Vulnerability Pimp (aka Security Researcher for fun)
     • Listed in Google, Facebook, Twitter, Dropbox, Cloudflare, 500px, Lynda.com, Central Desktop Security Pages.
     • Ahhh? What are those vulnerabilities
     • Member of Garage4hackers.com & you can find POC @G4h.
  3. Index
     • Introducing FatCat Beta 2
     • SQL Injection in Brief
     • FatCat Ingredients
       1) DB Information & server Information gathering.
       2) Normal SQL injection.
       3) Error Based SQL injection.
       4) WAF (Web Application Firewall) Bypass functions.
          • C-Style MySQL comment WAF Bypass
          • Buffer overflow WAF Bypass
          • CRLF WAF Bypass
          • Bypass with information_schema.statistics
          • Bypass with information_schema.key_column_usage
       5) Countermeasures
       6) Demo
  4. Provide Good Advice for Good People. Warning!: FatCat is being used for security research. All PHP files will be infected and all your data will be collected. If you want to be safe, don't use this tool. If you do, don't send sensitive information. If after all that you continue, do it at your own risk.
  5. Ladies and gentlemen, introducing FatCat V2
     1) It's new, it's cool to use, inject web!
     2) Normal SQL injection
     3) Error Based SQL injection
     4) WAF (Web Application Firewall) Bypass function.
     5) Helpful to pentesters: you can create a POC from anywhere.
     6) It supports MySQL 5.0
     7) Developed in PHP
     8) FatCat made 3400+ downloads on Code.google.com
  6. SQL injection in Brief. It's me .. Hi, :/ "SQL injection happens when a user manipulates input to form a SQL query." Sending payload !@#$%^&*()
  7. FatCat Ingredients
     1) DB Information & server Information gathering.
     2) Normal SQL injection.
     3) Error Based SQL injection.
     4) WAF (Web Application Firewall) Bypass functions.
  8. FatCat Ingredients 1) DB Information & server Information gathering. By using MySQL statements, DB & server information can be gathered:
     1. Finding Total Column Count • Order by n+1;
     2. Finding MySQL Version function • VERSION() Function
     3. Finding current User • User() Function
     4. Finding Data Directory • @@datadir Function
     5. Finding Base Directory • @@basedir Function
     6. Finding Host Name • @@hostname Function
     7. Finding Operating System • @@version_compile_os Function
     8. Finding Current Database name • Database() Function
     9. Max allowed Packet size • @@max_allowed_packet
  9. FatCat Ingredients 1) Normal SQL injection
     • It is also known as Union SQL injection
     • Union helps us combine the result sets of two select statements
     • E.g.: Id=-2+Union+select+13371,13372,13373,13374-- -
  10. FatCat Ingredients 2) Error based SQL injection
     • It is also known as Double Query SQL injection
     • Sometimes union-based SQLi fails; in that case you can use error-based SQLi
     • A query which confuses the DB engine and produces helpful MySQL errors
     • E.g.: select gmailid,(select password from id where id=9) As Google_India from id;
     Aww .. ! Double Query duplicate entry ~‘Clubhack_screte~1 for key 1. Sending payload !@#$W00T%^&*() FatCat web interface
  11. FatCat Ingredients 3) WAF (Web Application Firewall) Bypass ?
  12. FatCat Ingredients
     1. Protection against OWASP Top Ten!
     2. Types of vulnerabilities it can prevent.
     3. Brute force protection.
     In simple language, it monitors the HTTP conversation.
  13. FatCat Ingredients 3) WAF (Web Application Firewall) Bypass
     • We use the following methods to bypass a WAF
       • C-Style MySQL comment WAF Bypass
       • Buffer overflow WAF Bypass
       • CRLF WAF Bypass
       • Bypass with information_schema.statistics
       • Bypass with information_schema.key_column_usage
     • Linux Based WAFs
       • AppArmor
       • ModSecurity - Also works under Mac OS X, Solaris and other versions of Unix.
       • Systrace
       • Zorp
  14. FatCat Ingredients 3) WAF (Web Application Firewall) Bypass 1. MySQL Comment WAF bypass • Syntax: /*! Mysql Statements */ • Example:
  15. FatCat Ingredients 3) WAF (Web Application Firewall) Bypass 1. Buffer Overflow WAF bypass • Syntax: ‘ AAAAAAAAAAAAAAAAAAAAAAAAAAAA Mysql Statement • Example:
  16. FatCat Ingredients 3) WAF (Web Application Firewall) Bypass 1. CRLF WAF Bypass • Syntax: %0A%0D+Mysql Statements+%0A%0 • Example:
  17. FatCat Ingredients 3) WAF (Web Application Firewall) Bypass 1. Bypass with information_schema.key_column_usage • Example:
  18. FatCat Ingredients 3) WAF (Web Application Firewall) Bypass 1. Bypass with information_schema.statistics • Example:
  19. Countermeasures for SQLI
  20. Let's Inject with FatCat
  21. Any Questions? A Gentleman never asks. A Lady never tells.
  22. Thank you!
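Slide 19 names countermeasures but the transcript carries no content for it. As an added example (not from the deck or from FatCat), the sketch below runs the slide 9 UNION string against a concatenated query and against a bound parameter. It assumes Python's built-in `sqlite3` as a stand-in for MySQL and a hypothetical four-column `news` table.

```python
import re
import sqlite3
from urllib.parse import unquote_plus

# Constructed sample value: the UNION example from slide 9, as it would
# arrive in the query string (the "+" signs decode to spaces).
SLIDE_PAYLOAD = "-2+Union+select+13371,13372,13373,13374-- -"

COLUMNS = "id, title, body, author"


def make_db():
    """In-memory stand-in for the application's table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER, title TEXT, body TEXT, author TEXT)")
    db.execute("INSERT INTO news VALUES (1, 'hello', 'first post', 'admin')")
    return db


def lookup_concatenated(db, raw_id):
    """Vulnerable: the parameter becomes part of the SQL text."""
    sql = f"SELECT {COLUMNS} FROM news WHERE id = " + unquote_plus(raw_id)
    return db.execute(sql).fetchall()


def lookup_bound(db, raw_id):
    """Hardened: the value is bound as data and never parsed as SQL."""
    sql = f"SELECT {COLUMNS} FROM news WHERE id = ?"
    return db.execute(sql, (unquote_plus(raw_id),)).fetchall()


def lookup_validated(db, raw_id):
    """Hardened further: reject anything that is not a plain integer id."""
    if not re.fullmatch(r"-?\d+", unquote_plus(raw_id)):
        raise ValueError("id must be an integer")
    return lookup_bound(db, raw_id)


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", lookup_concatenated(db, SLIDE_PAYLOAD))
    print("bound:       ", lookup_bound(db, SLIDE_PAYLOAD))
```

The concatenated lookup returns the four marker numbers chosen by the request, while the bound lookup returns no rows because the whole string is compared to `id` as one value.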
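For the WAF bypass shapes listed on slides 13 to 18, a detection-side sketch, added here and not part of the deck or of any WAF's rule set: it canonicalises a query string before applying signatures, so the evasions themselves become findings. The rule names, the padding threshold and the sample requests are assumptions constructed from the syntax shown on the slides.

```python
import re
from urllib.parse import unquote_plus

PADDING_RUN = 200  # assumed threshold: identical characters in a row

# Rules applied to the decoded request: the evasion itself is the signal.
RAW_RULES = {
    "executable-comment": re.compile(r"/\*!"),
    "padding-run": re.compile(r"(.)\1{%d,}" % PADDING_RUN),
    "crlf-in-parameter": re.compile(r"[\r\n]"),
}
# Rules applied after canonicalisation. The schema rule matches the prefix,
# not a list of table names, so less common tables are covered too.
CANON_RULES = {
    "union-select": re.compile(r"\bunion\b.*\bselect\b"),
    "information-schema": re.compile(r"\binformation_schema\."),
}

# Constructed sample requests built from the slides' syntax and UNION example.
SAMPLES = {
    "comment": "id=-2+/*!Union*/+/*!select*/+13371,13372,13373,13374--+-",
    "padding": "id=%27" + "A" * 300 + "+Union+select+13371,13372,13373,13374--+-",
    "crlf": "id=-2%0A%0D+Union+select+13371,13372,13373,13374+%0A%0D",
    "schema": "ref=Information_Schema.Key_Column_Usage",
    "benign": "id=42",
}


def normalise(raw):
    """Decode and canonicalise a query string before signatures are applied."""
    text = unquote_plus(raw)
    # MySQL executes the body of /*! ... */, so keep the body, drop the markers.
    text = re.sub(r"/\*!(.*?)\*/", r" \1 ", text, flags=re.S)
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)        # ordinary comments
    text = re.sub(r"(.)\1{%d,}" % PADDING_RUN, r"\1", text)   # collapse padding
    return re.sub(r"\s+", " ", text).lower().strip()          # CR/LF become spaces


def findings(raw):
    """Return the set of rule names that fire for one raw query string."""
    decoded, canon = unquote_plus(raw), normalise(raw)
    hits = {name for name, rx in RAW_RULES.items() if rx.search(decoded)}
    hits |= {name for name, rx in CANON_RULES.items() if rx.search(canon)}
    return hits


if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, sorted(findings(raw)))
```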
