SQL Injection - Viewing the Logs
Posted on 2010-01-11
One of our databases keeps getting infected by a SQL injection. We clean the data, the next day, the DB is infected with the same code. It's pretty much acting like a worm. We've modified some of the code of the pages that we think are vulnerable, but still not luck. I know we have to go through all the pages in our web server, but we have so many that by the time we're done, we will probably get infected many times.
I was wondering if there's a way to check the SQL logs to see where/time this is coming from?
Also, since we're getting infected every day. There's also a possibility that there could be a backdoor. How can we check for these?