In a joint effort between the Laboratory team and the CSA team, mainly at the hands of José Sperk and Carlos Ávila, we have set to work to improve a plugin which has been in high demand: the SQL injection one. To do this, we decided to interact with one of the most widely used hacking tools on the market, the famous SQLMap. From there, we developed a plugin which allows us to detect and exploit SQL injection vulnerabilities in web applications using SQLMap's REST-JSON API, but from a friendlier and better-known graphical environment, such as that of FOCA.
The following video shows you how to download and use the SQLi plugin in FOCA, bearing in mind that you must first download and install SQLMap on your computer to launch the scans from there. If you prefer, or if you have SQLMap installed on another computer, you can also select "Remote Server API" and connect from FOCA OpenSource to launch scans remotely.
As if that were not enough, we have also created another new plugin for FOCA, haveibeenpwned, which interacts with the APIs of https://haveibeenpwned.com/ and http://hesidohackeado.es/. In this way, the email addresses you find while analysing metadata with FOCA OpenSource can be checked directly from the application against those two databases. Likewise, if you have a file with a list of addresses you want to verify, you can do it directly from this plugin. The following video shows how it works.
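The batch check the plugin performs, as an added example that is not the plugin's or ElevenPaths' own code: it reads an address list, queries the haveibeenpwned.com breached-account API and maps each address to the breaches it appears in. It assumes the current v3 endpoint shape (`/api/v3/breachedaccount/{account}`, a `hibp-api-key` header and a `user-agent` header), which the FOCA plugin itself may not use, and the transport is injectable so the lookup logic can be exercised with constructed responses instead of the live service.

```python
"""Batch-check e-mail addresses against haveibeenpwned.com (added example).
Endpoint, headers and rate-limit handling are assumptions about the v3 API."""
import json
import time
import urllib.parse
import urllib.request
from urllib.error import HTTPError

HIBP_URL = "https://haveibeenpwned.com/api/v3/breachedaccount/{}?truncateResponse=true"


def parse_address_list(text):
    """Turn the contents of an address file into a de-duplicated, lower-cased
    list, skipping blank lines and '#' comments (preserves first-seen order)."""
    seen, out = set(), []
    for line in text.splitlines():
        addr = line.strip().lower()
        if addr and not addr.startswith("#") and addr not in seen:
            seen.add(addr)
            out.append(addr)
    return out


def hibp_fetch(account, api_key, user_agent="hibp-batch-check"):
    """Live transport: returns (HTTP status, body). Needs network and a key."""
    req = urllib.request.Request(
        HIBP_URL.format(urllib.parse.quote(account)),
        headers={"hibp-api-key": api_key, "user-agent": user_agent})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode()
    except HTTPError as err:          # HIBP signals "not found" with 404
        return err.code, err.read().decode()


def check_addresses(addresses, fetch, delay=1.6):
    """Map each address to a list of breach names ([] = not in any breach,
    None = lookup failed). 429 is the API's rate limit: wait and retry once."""
    results = {}
    for addr in addresses:
        status, body = fetch(addr)
        if status == 429:
            time.sleep(delay)
            status, body = fetch(addr)
        if status == 200:
            results[addr] = [b["Name"] for b in json.loads(body)]
        elif status == 404:
            results[addr] = []
        else:
            results[addr] = None      # e.g. 401 (bad key) or 5xx
        time.sleep(delay)             # stay under the per-request rate limit
    return results
```

Wire `hibp_fetch` in with `lambda a: hibp_fetch(a, API_KEY)` for a real run; the constructed responses in the test stand in for the live service.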
Finally, we have released the source code of PluginApi.dll, which is in charge of communication between the plugins and FOCA, providing different options to make the most of the results of the analyses we carry out.
Remember that if you want to add new plugins, we have provided several examples containing everything you need to develop a new one. All of this is available in our FOCA market, where you are welcome to participate with your proposals.
Team Leader of the CSA and the Bs. As. Research Office at ElevenPaths
Innovation and Laboratory