Pre-Grant Publication Number: 20090119777
Method and system of determining vulnerability of web application
Please help the USPTO examine the application by evaluating the relevance of the publicly submitted prior art to the patent application. Peer To Patent forwards the Top 10 most relevant prior art submissions and their annotations to the USPTO.

Review this prior art and click on the thumbs up (or down) to indicate whether this submission should be forwarded to the USPTO.
If you login then you can add an annotation by typing in the box at the bottom of the screen to comment on the relevance of the prior art to the claims of the patent application.
Prior Art Detail
Annotations(0)
#506SQLMAP
Applies to Claims 1
Submitted by: Igor NaumovLast updated: almost 4 years ago
1 thumb up 0 thumbs down
Summary / Description
Summary / DescriptionFrom the sqlmap project site (http://sqlmap.sourceforge.net/): sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications.
 
Basic Information
Type of Prior ArtOnline Publication
 
URLhttp://sqlmap.sourceforge.net/d...
 
Author/CreatorBernardo Damele A. G.
 
Titlesqlmap project change log
 
Publication DateDecember 13, 2006
 
PublisherSourceForge.net
 
Directions to Document LocationFirst version released on 13-Dec-2006, see bottom of the change log
 
Additional Information
 
Notes / To Do
Notes
 
Excerpt
Excerpt
added InjectionCheck class in injection.py which performs check on url stability, dynamics of parameters and injection on dynamic url parameters
 
Relevance
Claims
1
A method of determining vulnerability of web application comprising:selecting a fixed parameter from parameters of a URL link extracted from a website;determining whether vulnerability determination has been completed for the selected fixed parameter;inserting an attack pattern for each attack type to an input value for the selected fixed parameter, when the vulnerability determination has not been completed; anddetermining vulnerability of the selected fixed parameter by each attack type through an analysis of response to an input of URL link with the attack pattern inserted thereinto.
Relevance
sqlmap application performs automatic check on a wide range of vulnerabilities classified as "SQL injection" for a given URL. The main point of claim 1 is to automate vulnerability analysis by performing several simulated attacks using specially crafted values of the URL parameters and checking the response for possible vulnerability indications. Although SQL injection is not the only possible class of vulnerabilities, it covers a significant portion of them.
sqlmap application performs automatic check on a wide range of vulnerabilities classified as "SQL injection" for a given URL. The main point of claim 1 is to automate vulnerability analysis by performing several simulated attacks using specially crafted values of the URL parameters and checking the response for possible vulnerability indications. Although SQL injection is not the only possible class of vulnerabilities, it covers a significant portion of them.
Claim Chart
Some
0 days left
Activity
Application
Discussion (0)
Prior Art (2)
Research (0)
Subscribe to this Community
Invite a Reviewer
HOW TO USE PEER TO PATENT
Peer To Patent Videos