Analyse SQL injection attempts in web server logs

The program can either be run in batch mode or interactive mode. In batch mode the program will accept Apache web server logs and will deobfuscate requested URLs from the logs. In interactive mode the program will prompt for user input and will print the deobfuscated results.

The program can deobfuscate the following obfuscation techniques:

  • SQL CHAR encoding
  • SQL CAST encoding
  • Case encoding of SQL keywords
  • Substring(Experimental – Disabled by default as it will fail with nested queries)



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s