Someone hacked my site

Fraas
Hi all,

My website is developed in ASP.NET,

but someone uploaded an ASP file to my site (1.asp), and I don't know how he uploaded that file :(

That file gives him full control over my site :(

I am sure there is no possibility of SQL injection because all the transactions with the database are made by stored procedures.

Can anyone help me with information on what the problem could be? How can I check my website for any bug I don't know about?

I think that file was uploaded by hacking software!


Thanks in advance
Kalpesh Chhatrala, Software Consultant

Commented:

1) First of all, change all your passwords to more complex ones (alphabetic, numeric and special characters in the password).

2) Have you given access rights to anyone?

3) Have you given access rights to anonymous?

4) Have you revealed your password in any of your HTML pages?

5) Remove the 1.asp file or rename it, and check whether this file is called from any of your pages...
Top Expert 2015

Commented:
Do you have forms on your site? Text boxes for users to enter information and submit? Are you cleansing the input from these to prevent scripts from being entered and submitted?

Author

Commented:
Thanks for the reply.

Actually we use our own script, and also our own CMS, and all our passwords are complex, plus I am the only one who can access the CMS.

Also, the HTML forms are protected from entering any script or SQL injection because I am using stored procedures for all the transactions with the database.

The problem now is that I need to know how that person or software uploaded that ASP file.
What should I consider to prevent anyone from hacking my website?

Thanks again

Top Expert 2015
Commented:
>>HTML forms are protected from entering any script or SQL injection because I am using Stored Procedure

I did not miss that point when you made it in your question, but I don't get the correlation between using stored procedures and preventing SQL injection attacks.

Microsoft says "Using stored procedures does not necessarily prevent SQL injection." on this site:

http://msdn.microsoft.com/en-us/library/ff648339.aspx
Top Expert 2015

Commented:
Are you using SQL parameters in your stored procedures? Are you using regex expressions or some other method to limit the characters that can be entered into text boxes?

Commented:
I use BackTrack and AppScan for vulnerability checks
1. Nessus (Linux if you can) http://www.nessus.org/nessus/
2. Nikto (Linux) http://www.cirt.net/nikto2
3. Paros proxy (Linux if you can) http://www.parosproxy.org/index.shtml
4. Ike-scan (Linux) http://www.nta-monitor.com/tools/ike-scan/
5. SARA (Security Auditor's Research Assistant) (Linux) http://www-arc.com/sara/
6. MBSA (debatable) http://technet.microsoft.com/en-us/security/cc184923.aspx
   http://en.wikipedia.org/wiki/BackTrack
   http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
7. AppScan from IBM
   http://www-01.ibm.com/software/awdtools/appscan/
AppScan Enterprise centralized control with advanced application scanning, remediation capabilities, executive security metrics and dashboards, key regulatory compliance reporting and seamless integration with the desktop version. AppScan Enterprise Edition provides:

    * Scalable, enterprise architecture that enables centralized scanning of multiple applications simultaneously
    * Intelligent fix recommendations to ease the process of remediation once security vulnerabilities have been identified and validated
    * Ability to scan Web sites for both embedded malware and links to malicious or undesirable sites to ensure your Web site is not infecting visitors or directing them to unwanted or dangerous sites without their knowledge
    * Continuous monitoring and aggregation of metrics to ensure remediation and trend improvement over time

It's hard to give you advice when we don't know much about your current setup. What versions of IIS and operating system are you running? Also, you say you use your own script. Can you elaborate on that, as well as the CMS system? Like, was the system made with managed or unmanaged code, does it have input validation, has it been stress tested, too many to list here.... Also, have you checked your logs to check for injection attempts on web traffic?
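
One way to act on the log-checking suggestion above, as an added example that is not part of the original thread: it reads IIS W3C extended logs, finds the first request for the dropped file, and lists the earlier successful write-type requests that could have put it there. It assumes the `cs-method`, `cs-uri-stem`, `c-ip` and `sc-status` fields are being logged; the sample log is constructed and `/cms/upload.aspx` is a hypothetical path.

```python
# Constructed sample in IIS W3C extended format (not taken from the thread).
# /cms/upload.aspx is a hypothetical path; the IPs are documentation ranges.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2010-05-01 10:00:01 GET /default.aspx - 198.51.100.7 200
2010-05-01 10:01:40 POST /contact.aspx - 198.51.100.7 200
2010-05-01 10:02:13 POST /cms/upload.aspx - 203.0.113.9 200
2010-05-01 10:02:20 GET /1.asp - 203.0.113.9 200
2010-05-01 10:03:05 POST /1.asp - 203.0.113.9 200
2010-05-01 10:04:00 PUT /test.txt - 192.0.2.44 403
"""

WRITE_METHODS = {"POST", "PUT", "MOVE", "COPY"}  # verbs able to create files


def parse_w3c(text):
    """Yield one dict per request, keyed by the latest #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or corrupt lines
                yield dict(zip(fields, values))


def trace_dropped_file(text, dropped="/1.asp"):
    """Report first access to `dropped` and the write requests before it."""
    rows = list(parse_w3c(text))
    hits = [i for i, r in enumerate(rows)
            if r["cs-uri-stem"].lower() == dropped.lower()]
    if not hits:
        return None
    clients = {rows[i]["c-ip"] for i in hits}
    candidates = []
    for r in rows[:hits[0]]:
        if r["cs-method"] in WRITE_METHODS and r["sc-status"].startswith("2"):
            candidates.append({
                "when": r["date"] + " " + r["time"],
                "request": r["cs-method"] + " " + r["cs-uri-stem"],
                "client": r["c-ip"],
                "same_client": r["c-ip"] in clients,
            })
    # Requests from a client that later used the file are listed first.
    candidates.sort(key=lambda c: not c["same_client"])
    first = rows[hits[0]]
    return {"first_seen": first["date"] + " " + first["time"],
            "clients": sorted(clients), "candidates": candidates}


if __name__ == "__main__":
    print(trace_dropped_file(SAMPLE_LOG))
```

If no write request precedes the first hit, the file probably arrived through a channel these logs do not cover, so compare `first_seen` with the file's creation time and with FTP or other access logs.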

Author

Commented:
Just because I need to close the question

Well, you never answered my questions. I never got the chance to help you, since you didn't answer. Oh well!
