bardman6 (Starting Member, 3 Posts)
Posted - 2007-09-18 : 17:19:40

Hi folks, I have a site built in classic ASP that pulls from a SQL Server 2000 db, and sometime in the last week it was hacked by the notorious Turkish hackers. I restored the db; luckily, I had just backed it up. The hosting company said that it was most likely the ' or 'x'='x hack and said that it was entirely up to me to fix the problem. I have no ideas and never heard of such a thing. Any ideas on how to fix it so it won't happen again? I have an admin/log-in section of the site that they apparently used. BTW, it is very hard to search for this on Google as the apostrophes throw it all off. Thanks in advance.
-->geek<--
dinakar (Master Smack Fu Yak Hacker, 2507 Posts)
SwePeso (Patron Saint of Lost Yaks, 30421 Posts)
Posted - 2007-09-18 : 18:14:17

Take this as a lesson TO NEVER USE CONCATENATED strings defined by the user! Always, always use parameters! You were attacked with the simplest SQL injection.
E 12°55'05.25"N 56°04'39.16"
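To make the advice above concrete, here is an added example (not code from the thread or the site in question) that models the login query both ways: the concatenated form the original ASP page used, and the parameterized form SwePeso recommends. It uses an in-memory SQLite table as a constructed stand-in for the SQL Server 2000 users table, and feeds both versions the exact ' or 'x'='x input quoted in the first post.

```python
import sqlite3


def make_db():
    """Constructed stand-in for the site's users table (not the real schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT, Password TEXT)")
    conn.execute("INSERT INTO Users VALUES ('owner', 'S3cret!')")
    return conn


def login_concat(conn, user, pwd):
    """The broken pattern: user input is spliced into the SQL text, so the
    quote characters in the input become part of the query's structure."""
    sql = ("SELECT UserName FROM Users WHERE UserName = '" + user
           + "' AND Password = '" + pwd + "'")
    return [row[0] for row in conn.execute(sql)]


def login_param(conn, user, pwd):
    """The fix: placeholders in the SQL text, values passed separately.
    The driver binds them as data, so they can never alter the WHERE clause."""
    sql = "SELECT UserName FROM Users WHERE UserName = ? AND Password = ?"
    return [row[0] for row in conn.execute(sql, (user, pwd))]


# The input from the first post, used here only to show the two outcomes.
PAYLOAD = "' or 'x'='x"

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", login_concat(db, PAYLOAD, PAYLOAD))  # matches a row
    print("parameterized:", login_param(db, PAYLOAD, PAYLOAD))  # matches nothing
```

With the concatenated form the clause becomes `UserName = '' or 'x'='x' AND Password = '' or 'x'='x'`, which is always true; with parameters the same text is simply compared literally against the stored columns.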
jsmith8858 (Dr. Cross Join, 7423 Posts)

jezemine (Master Smack Fu Yak Hacker, 2886 Posts)
dinakar (Master Smack Fu Yak Hacker, 2507 Posts)
Posted - 2007-09-19 : 11:47:01

quote: Originally posted by jezemine
    quote: Originally posted by dinakar
    Sounds similar to this: http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=89463
  heh. that would just be perfect if SSP got hacked via a sql injection route...
  elsasoft.org

I am not sure what the cause was though. And they did not even know this happened. The re-direction got corrected after a few minutes.
Dinakar Nethi
************************
Life is short. Enjoy it.
************************
http://weblogs.sqlteam.com/dinakar/
bardman6 (Starting Member, 3 Posts)
Posted - 2007-09-20 : 16:44:38

Well, it turns out it wasn't this at all. The person that did the coding in the first place put a block on this event. I have looked at all of the ISPs that have logged on to the site and there are only 2 people that have logged in, myself and the owner of the site. I am narrowing down how they could have done it. I understand that on shared hosting plans, there may be some sort of script to gain access to SQL Servers... but I am still researching that. Any help from you all would be helpful! Thanks folks!
-->geek<--
Haywood (Posting Yak Master, 221 Posts)
Posted - 2007-09-20 : 18:15:05

quote: Originally posted by bardman6
  BTW, it is very hard to search for this on Google as the apostrophes throw it all off.

That is funny on _so_ many levels.