ProtectSQL

An SQL query using direct user input
protectSQL throws a vulnerability
Same SQL query using serialized parameters
no vulnerability!

Inspiration

We wanted to make a package to check for SQLi vulnerabilities for generic frameworks/specific to Flask as there are quite a few python applications that don't use ORM and are vulnerable to SQLi vulnerabilities.

What it does

A CLI tool which will help you analyze your python/flask app, using Pysa (a static analysis tool by facebook), In case sqli are found, they're displayed at runtime after running the analyze command.

How we built it

Protectsql is build on top of pysa, a part of the pyre-check project package (see more about pysa here). Additionally, since it's a CLI tool, we also make use of click (see more here). Tech Stack:

python
pysa
click
flask

Challenges we ran into

Understanding pysa documentation
Coming up with target frameworks vulnerable to sqli injections and how can we use pysa for them

Accomplishments that we're proud of

Successfully integrating Pysa using Click
Uploading package to PyPi
Testing successfully on example project and getting appropriate sqli vulnerabilities captured

What we learned

Using pysa for static analysis
Usage of click, the python CLI tool
Uploading our own package to PyPi

What's next for ProtectSql

We plan to add support to more lightweight framework which does not rely on ORM! As of now, Protectsql is published on PyPi and is ready for use. Anyone can contribute following our contribution rules and guidelines.

Built With

click
flask
pysa
python

Submitted to

MLH Fellowship Orientation Hackathon - Batch 4

Created by

I worked on the basic setup for Click, Pysa integration, created initial Taint Sources and Sink and deployed the package to Pypi.

Arpan Abhishek
I worked on the documentation, collaborated on issues using github best practices, looked into using click for pysa integration.

Ishita Dasgupta
Vibhor Gupta
Key strokes and six strings
Vividha Rawat