
QueryParam Scanner

* Version:       0.8
* License:       LGPLv3
* Homepage:      https://www.sorcerersisle.com/software/qpscanner
* Documentation: https://docs.sorcerersisle.com/qpscanner
* Repository:    https://code.sorcerersisle.com/qpscanner.git
* Issues:        https://github.com/boughtonp/qpscanner/issues


Description
-----------

QueryParam Scanner (qpScanner) is a tool designed to identify possible SQL
injection risks in CFML queries, by highlighting instances of unparameterised
variables.


Known Issues
------------

QueryParam Scanner does not work with script/function-based queries, and - due
to the dynamic nature of CFML - would require a significant overhaul to have
any chance of producing useful output.

Instead, a security tool configured to scan for SQL injection attacks should
be used to protect such software, e.g. OWASP ZAP (https://www.zaproxy.org).


Requirements
------------

qpScanner can scan code written for any CFML engine, but itself requires
at least ColdFusion 9 or Railo 3.x to run.

To run qpScanner on older CFML engines, try v0.7.3 instead - this is available
on branch 0.7.3 or for download from https://code.sorcerersisle.com/qpscanner/tags


Getting Started
---------------

Extract all files to a directory in your webroot, then access that directory in
a browser.

Everything required is contained within the zip file; no mappings or
datasources need to be set up.


Upon accessing qpScanner you will see a simple form:

	Directory
		The location of the code you wish to scan.
		This can be either an absolute path or a mapping.

	Recurse?
		Select yes if you want qpScanner to look inside sub-directories,
		or no to only scan the files directly in the specified directory.


Once these are set as appropriate, press Scan and qpScanner will get to work.

It will look for queries with CF variables (i.e. `#values_in_hashes#`) that are
not inside a cfqueryparam tag, and - once complete - will list how many were
found out of how many total queries, and provide a list of files and queries.
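As an added illustration of the check just described (written for this page, not code from the qpScanner project), a small Python approximation: it locates cfquery blocks, blanks out the cfqueryparam tags, and reports any `#variable#` references left over, per query. The CFML sample is constructed; the real tool walks directories of files rather than a single string.

```python
import re

# Constructed CFML sample (not from qpScanner): one query with a raw variable,
# one fully parameterised, and one mixing a parameter with a raw variable.
SAMPLE_CFML = """
<cfquery name="getUser" datasource="app">
    SELECT id, name FROM users
    WHERE username = '#form.username#'
</cfquery>
<cfquery name="getOrder" datasource="app">
    SELECT * FROM orders
    WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
</cfquery>
<cfquery name="listItems" datasource="app">
    SELECT * FROM items
    WHERE category = <cfqueryparam value="#url.cat#" cfsqltype="cf_sql_varchar">
      AND owner_id = #session.userid#
</cfquery>
"""

QUERY_RE = re.compile(r"<cfquery\b([^>]*)>(.*?)</cfquery>", re.IGNORECASE | re.DOTALL)
NAME_RE = re.compile(r'\bname\s*=\s*"([^"]*)"', re.IGNORECASE)
PARAM_RE = re.compile(r"<cfqueryparam\b[^>]*>", re.IGNORECASE | re.DOTALL)
# A CF variable reference: #expr# with no whitespace inside
# (a doubled ## is an escaped literal hash and does not match).
VAR_RE = re.compile(r"#([^#\s]+)#")


def scan_cfml(source):
    """Return (total_queries, findings); findings maps query name -> variables outside cfqueryparam."""
    findings = {}
    total = 0
    for match in QUERY_RE.finditer(source):
        total += 1
        attrs, body = match.group(1), match.group(2)
        name_match = NAME_RE.search(attrs)
        name = name_match.group(1) if name_match else "<unnamed>"
        # Blank out every cfqueryparam tag; any #variable# that survives is unparameterised.
        stripped = PARAM_RE.sub("", body)
        risky = VAR_RE.findall(stripped)
        if risky:
            findings[name] = risky
    return total, findings


if __name__ == "__main__":
    total, findings = scan_cfml(SAMPLE_CFML)
    print(f"{len(findings)} of {total} queries contain unparameterised variables")
    for name, variables in findings.items():
        print(f"  {name}: {', '.join(variables)}")
```

Like qpScanner itself, this flags a variable merely for appearing outside a cfqueryparam tag; a reviewer still has to judge whether the value can carry untrusted input.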


NOTE: QueryParam Scanner should be used *only* in your development environment,
not on a live/public box. In addition to the security risks, it might have an
adverse effect on performance.


Licensing & Credits
-------------------

This project is available under the terms of the GPLv3 license.
See license.txt to understand your rights and obligations.

QueryParam Scanner was created by Peter Boughton and gratefully makes
use of the third-party software detailed below, each available
individually under their respective licenses.

jQuery v1.2.6 (http://jquery.com)
* Source: https://github.com/jquery/jquery
* License: GPLv2 or MIT (See http://jquery.org/license)
* Files: resources/scripts/jquery-1.2.6.min.js

Framework One v2.2 (http://fw1.riaforge.org)
* Source: http://github.com/seancorfield/fw1/
* License: Apache v2.0 (http://www.apache.org/licenses/LICENSE-2.0)
* Files: framework.cfc


/eof