What does the analyzer do?
The SecureRequest Analyzer works by scanning your website for links (within the
domain) containing querystrings.
ex:
http://www.mywebsite.com/default.asp?something=value
For each link found it will then append some invalid - but totally harmless
- SQL code:
ex:
http://www.mywebsite.com/default.asp?something=value' having 1=1
- If the querystring value isn't filtered before it's run on the SQL server, it
will return an error. If an SQL error is returned, the analyzer will know that
the page is vulnerable.
The following SQL commands are tested:
For numerals:
- '                  Will cause an error since the SQL server finds an unclosed string
- HAVING 1=1--       Will cause an error since HAVING needs the GROUP BY keyword
For strings:
- ' HAVING 1=1--     Will cause an error since HAVING needs the GROUP BY keyword
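The check described above, reduced to a runnable model, as an added example that is not part of the analyzer or of the original page. It assumes a constructed SQLite table in place of the site's SQL Server database (the error text differs between the two engines, the behaviour does not) and shows both the pattern the analyzer is looking for, a query-string value concatenated straight into SQL, and the parameterized form that makes the same probes harmless:

```python
import sqlite3

# Constructed sample table standing in for the site's database (SQLite here;
# the page's target is SQL Server, whose error messages differ).
def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [(1, "widget"), (2, "gadget")])
    return conn

# The probes the page lists: a lone quote and HAVING 1=1-- for numeric
# parameters, quote plus HAVING 1=1-- for string parameters.
NUMERIC_PROBES = ["'", " HAVING 1=1--"]
STRING_PROBES = ["' HAVING 1=1--"]

def vulnerable_lookup(conn, column, value):
    # Unfiltered query-string value pasted into the SQL text: the defect the
    # analyzer is designed to find. Strings are wrapped in quotes, numbers not.
    quote = "'" if column == "name" else ""
    sql = f"SELECT id, name FROM products WHERE {column} = {quote}{value}{quote}"
    return conn.execute(sql).fetchall()

def safe_lookup(conn, column, value):
    # Parameterized query: the value is bound by the driver and never parsed
    # as SQL, so a quote or a HAVING clause in it is just data.
    if column not in ("id", "name"):
        raise ValueError("unexpected column")
    sql = f"SELECT id, name FROM products WHERE {column} = ?"
    return conn.execute(sql, (value,)).fetchall()

def probe(lookup, column, base_value, probes):
    """Mimic the analyzer: append each probe to a known-good value and record
    whether the database raised an SQL error for that request."""
    results = {}
    for p in probes:
        conn = setup_db()
        try:
            lookup(conn, column, f"{base_value}{p}")
            results[p] = "no error"
        except sqlite3.Error as e:
            results[p] = f"SQL error: {type(e).__name__}"
        finally:
            conn.close()
    return results

def is_flagged(lookup, column, base_value, probes):
    """True when at least one probe produced an SQL error, i.e. the parameter
    reached the SQL parser unfiltered."""
    return any(v.startswith("SQL error")
               for v in probe(lookup, column, base_value, probes).values())

if __name__ == "__main__":
    for name, fn in (("concatenated", vulnerable_lookup), ("parameterized", safe_lookup)):
        print(name, "id:", probe(fn, "id", "1", NUMERIC_PROBES))
        print(name, "name:", probe(fn, "name", "widget", STRING_PROBES))
```

The analyzer can only see an error if it surfaces in the HTTP response, so hiding database error detail from the page stops the detection without removing the defect; binding the value as a parameter, as in safe_lookup, removes it.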
Please note that the analyzer will not POST any data so it will only detect
insecure uses of querystrings.
For security reasons, your IP (38.103.63.61)
will be sent to the server inside the User-Agent header.