none
Using CAT.NET to check for security vulnarabilities - better tool available? RRS feed

  • Question

  • According to MSDN downloads for Visual Studio add-in 'CAT.NET', this tool is suppose to catch a lot of common security vulnarabiliteis:

    http://forums.microsoft.com/MSDN/default.aspx?SiteID=1

    My first test of the product was the following VB code.   The tool reported 'no issues' - I would vehmently disagree with that.    Does anyone know a good tool along these lines that actually works?   If it failed this simple of a test I don't have confidence in it finding any other flaws.

    Sub ExecuteSqlInjectionDemo(ByVal param As String)

    Using connection As New SqlConnection()

    Using cmd As SqlCommand = connection.CreateCommand()

    cmd.CommandText = "SELECT * FROM tbTest WHERE id = " + param

    cmd.ExecuteNonQuery()

    End Using

    End Using

    End Sub

    From the download site:
    CAT.NET is a snap-in to the Visual Studio IDE that helps you identify security flaws within a managed code (C#, Visual Basic .NET, J#) application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow among its statements, methods, and assemblies. This includes indirect data types such as property assignments and instance tainting operations. The engine works by reading the target assembly and all reference assemblies used in the application -- module-by-module -- and then analyzing all of the methods contained within each. It finally displays the issues its finds in a list that you can use to jump directly to the places in your application's source code where those issues were found. The following rules are currently support by this version of the tool. - Cross Site Scripting - SQL Injection - Process Command Injection - File Canonicalization - Exception Information - LDAP Injection - XPATH Injection - Redirection to User Controlled Site

    Friday, January 16, 2009 3:22 PM

Answers

  • Your link isn't useful.  Lots of ways to do SQL injection.  That tool just doesn't check your way.  You'll never find a tool that covers all of them, other than the one between your ears.
    Hans Passant.
    • Marked as answer by Zhi-Xin Ye Thursday, January 22, 2009 8:18 AM
    Saturday, January 17, 2009 1:53 AM
    Moderator