Out of curiosity does anyone know any way to scan MySQL databases for potential injection issues?
Hoo-boy! Ran into that same question with a few of my clients last year... OWASP
has information on procedures to test a database for SQL injection vulnerabilities.
AFAIK, the default automated
testing tool is sqlmap
. That's what my two clients used as their starting point even though some sources have argued it won't catch everything. You can find info and the download links for sqlmap here
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
However, most of what I've read suggests that rather than trying to scan or otherwise test for vulnerabilities, it's far easier to take the precaution of making sure all
your SQL statements are paramaterized
. Smart money says sanitizing your SQL that way is the only reliable method for stopping injection attacks. Nice short article on that over at Coding Horror. Find it here