 |  |  |  |  |  |  |  |
Possible SQL Injection attack
Please support our ASP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
 |
Hi,
I just came across a piece of script that has been put into my source code throughout the site...and not by me.
Im not sure how they did it but im fearing this could get more serious and end up them hitting my db. Here is example(kind of) of the script im finding...
HELP!!!!!!
I just came across a piece of script that has been put into my source code throughout the site...and not by me.
Im not sure how they did it but im fearing this could get more serious and end up them hitting my db. Here is example(kind of) of the script im finding...
ASP Syntax (Toggle Plain Text)
HELP!!!!!!
0
#2 Oct 22nd, 2009
I'd check your database for rouge entries, users.
Double-check your file permissions, and if your on a shared host, it might be a bad security setup in the host, allowing access to the files. Are these scripts served from the db or are they in the source files?
Do you have a better example of the scripts? (and the domain, if the site is in production, would be useful).
Double-check your file permissions, and if your on a shared host, it might be a bad security setup in the host, allowing access to the files. Are these scripts served from the db or are they in the source files?
Do you have a better example of the scripts? (and the domain, if the site is in production, would be useful).
CodeJoust! Design + Development - Proud User of Ubuntu
0
#3 Oct 22nd, 2009
•
•
•
•
Originally Posted by codejoust 
I'd check your database for rouge entries, users.
Double-check your file permissions, and if your on a shared host, it might be a bad security setup in the host, allowing access to the files. Are these scripts served from the db or are they in the source files?
Do you have a better example of the scripts? (and the domain, if the site is in production, would be useful).
This is the exact script that was entered into the site.
ASP Syntax (Toggle Plain Text)
Im using google analytics which contains "Document.Write". Might they be using this to enter it into the pages?
0
#4 Oct 22nd, 2009
Heloo, my site is attacked by this script.
all of aspx, html, js... files have got it
I cant remove it day by day ...
pls help
all of aspx, html, js... files have got it
ASP Syntax (Toggle Plain Text)
I cant remove it day by day ...
pls help
0
#5 Oct 22nd, 2009
See here:
Hi,
Já vi virus causando isso, como está acontecendo no provedor, trata-se de um virus nos servidores do provedor. I have seen virus causing it, as is happening in the provider, it is a virus on the servers of the provider.
O problema é que nunca admitem, se pelo menos resolverem, ótimo, do contrário o jeito é trocar de provedor. The problem is that they never admit, at least resolve, great, otherwise we'll just switch to another provider.
http://translate.google.com/translat...ial%26hs%3DQ0O
Providers try to push the blame on you (saying it is flawed for its application), but if your application is not capable of uploading files, it is virtually impossible to modify the files in your application - to change, your ISP also has a much great fault.
Also, it might be a hole in your application. Is it online now?
Hi,
Já vi virus causando isso, como está acontecendo no provedor, trata-se de um virus nos servidores do provedor. I have seen virus causing it, as is happening in the provider, it is a virus on the servers of the provider.
O problema é que nunca admitem, se pelo menos resolverem, ótimo, do contrário o jeito é trocar de provedor. The problem is that they never admit, at least resolve, great, otherwise we'll just switch to another provider.
http://translate.google.com/translat...ial%26hs%3DQ0O
Providers try to push the blame on you (saying it is flawed for its application), but if your application is not capable of uploading files, it is virtually impossible to modify the files in your application - to change, your ISP also has a much great fault.
Also, it might be a hole in your application. Is it online now?
CodeJoust! Design + Development - Proud User of Ubuntu
0
#6 Oct 22nd, 2009
My site is http://www.mmmode.com.vn
I use a crack portable FTP CUTE, whether there is reason about this malware ?
MY ISP has got alot of virus, malware n etc .... they are so bad support
I use a crack portable FTP CUTE, whether there is reason about this malware ?
MY ISP has got alot of virus, malware n etc .... they are so bad support
|
Similar Threads
- Preventing an SQL injection (PHP)
- SQL Injection Attack (Database Design)
- SQL Injection (MySQL)
- Prevent queries from SQL Injection attack in SQL Server 2005 (MS SQL)
- What you (yes, you too) need to know about sql injection (PHP)
- SQL Injection Attacks (Database Design)
Other Threads in the ASP Forum
- Previous Thread: asp page
- Next Thread: SQL Injection Attacks
Views: 1057 | Replies: 5
| Thread Tools | Search this Thread |
Latest ASP Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
Tag cloud for ASP
archive asp asp.net aspandmssqlserver2005 aspandmssqlserver2005connection aspconnection calendar changeable connection current database databaseconnection diagnostics dreamweaver excel fso html iis microsoft msmsql mssql2005 mssqlserver2005 mssqlserver2005andasp mssqlserverandasp opentextfile query record searchbox selectoption server single specfic sqlserver sqlserverconnection toolkit update web webserver windows7
