|
Subject:
|
Site Hacked!!! (Please help)
|
|
Posted By:
|
ishh_sh
|
Post Date:
|
1/23/2007 12:40:41 AM
|
Hi All,
My site has been hacked, and in place of the product name throughout the site it shows "axelwashere". Does anyone have an idea how to prevent the same from happening again? I backed up the database a week ago, when it happened for the first time. It is a critical time for me and I need immediate help from you guys.
Thank you for your help...
Thanks Kailash
|
|
Reply By:
|
mat41
|
Reply Date:
|
1/23/2007 1:20:26 AM
|
However helpful or not, here are my thoughts:
axelwashere will be his/her tag. You need to talk to your host and find out why their security allowed this. If this is the second time I would change hosts. Remember:
> you get what you pay for in a host
> no web server is safe, some hackers are very good
> have a back up of your site yourself and go with a host that has a 'rotational tape of site back up routine'
Wind is your friend Matt
|
|
Reply By:
|
ishh_sh
|
Reply Date:
|
1/23/2007 1:37:57 AM
|
Hi Matt, Thanks for your reply. Last time I backed up the database myself.
The host is asking us for the names of the hacked tables and also the script references which modify the hacked tables. The host is also asking when the site last worked properly.
You can check it yourself in https://connectione.biz/subcatalog_list.asp?catID=105&pid=104
I think that the site has some hole where the database connection is made. The intruder took advantage of the connection and was successfully able to execute a bulk productname change query.
Can you assist me with some points where I should look to correct the flaw?
Thank you very much.. Kailash
|
|
Reply By:
|
Imar
|
Reply Date:
|
1/23/2007 1:39:11 AM
|
In addition to that, you may want to check your site for SQL injection vulnerabilities. Search Google for sql injection to get an idea of what it is and how to prevent it:
http://www.google.com/search?hl=en&q=sql+injection
Imar
---------------------------------------
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Everyone is unique, except for me.
Author of ASP.NET 2.0 Instant Results and Beginning Dreamweaver MX / MX 2004
|
|
Reply By:
|
ishh_sh
|
Reply Date:
|
1/23/2007 5:18:16 AM
|
Hi Imar and Matt! Thank you for your support!
I have tried myself and found out that it is related to SQL injection. Now I will try to stop the SQL injection into my site.
Please suggest if you have any effective suggestions.
Thank you Kailash
|
|
Reply By:
|
ishh_sh
|
Reply Date:
|
1/23/2007 7:17:27 AM
|
Hi All,
As I am proceeding to implement the solution for SQL injection, I am facing an issue. I want to trap all the user requests using global.asa or anything else for SQL injection and allow only valid URL requests without SQL injections.
Can anyone please assist me with how to write a utility like an event handler to perform the above operation?
Thank you in Advance.. Kailash
|
|
Reply By:
|
dparsons
|
Reply Date:
|
1/23/2007 8:36:43 AM
|
How are you going to determine a SQL injection from a regular query? Are you looking for SQL keywords, or? Have you considered using Stored Procedures or Parameterized queries?
|
|
Reply By:
|
woodyz
|
Reply Date:
|
1/23/2007 10:39:20 AM
|
If you have SQL code and database insert capability throughout your application you may want to isolate it into a single class - this way you will only have to deal with injections at a single point in your code. Also, you might want to learn to use parameterized queries or to use the "addnew" capability of the recordset instead of using "plain" SQL statements for anything that modifies the db.
Woody Z http://www.learntoprogramnow.com
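
An added example, not code from any poster in this thread, of the parameterized-query approach suggested in the replies above, with database access isolated in one class. It is written for classic ASP (VBScript) with ADO; the table and column names, `Application("ConnString")`, `CatalogDb` and `TryParseId` are assumptions, and `catID` and `pid` are the query-string parameters from the URL posted earlier in the thread.

```vbscript
<%
' Added example. Products/CatID/ParentID, Application("ConnString"), CatalogDb
' and TryParseId are hypothetical names; catID and pid are the URL parameters.
Const adCmdText = 1, adParamInput = 1, adInteger = 3

Class CatalogDb   ' the one place where SQL is built and executed
    Private conn
    Private Sub Class_Initialize()
        Set conn = Server.CreateObject("ADODB.Connection")
        conn.Open Application("ConnString")
    End Sub
    ' Weak form, for contrast: "... WHERE CatID = " & Request.QueryString("catID")
    ' makes request text part of the statement. Here the statement text is
    ' constant and the values are sent separately as typed parameters.
    Public Function ProductsByCategory(catID, pid)
        Dim cmd
        Set cmd = Server.CreateObject("ADODB.Command")
        Set cmd.ActiveConnection = conn
        cmd.CommandType = adCmdText
        cmd.CommandText = "SELECT ProductID, ProductName FROM Products " & _
                          "WHERE CatID = ? AND ParentID = ?"
        cmd.Parameters.Append cmd.CreateParameter("catID", adInteger, adParamInput, , catID)
        cmd.Parameters.Append cmd.CreateParameter("pid", adInteger, adParamInput, , pid)
        Set ProductsByCategory = cmd.Execute
    End Function
End Class

' True only when raw is 1 to 9 digits; result then holds it as a Long.
Function TryParseId(ByVal raw, ByRef result)
    Dim re, ok
    Set re = New RegExp
    re.Pattern = "^\d{1,9}$"
    ok = re.Test("" & raw)
    If ok Then result = CLng("" & raw)
    TryParseId = ok
End Function

Dim catID, pid, db, rs
If TryParseId(Request.QueryString("catID"), catID) And _
   TryParseId(Request.QueryString("pid"), pid) Then
    Set db = New CatalogDb
    Set rs = db.ProductsByCategory(catID, pid)
    Do Until rs.EOF
        Response.Write Server.HTMLEncode(rs("ProductName").Value & "") & "<br>"
        rs.MoveNext
    Loop
    rs.Close
Else
    Response.Status = "400 Bad Request"
End If
%>
```

Because the values are bound as integers, no keyword scanning of the request is needed for this query; running the site's database login without UPDATE rights on the product table for read-only pages limits the damage if another page is missed.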
|
|
Reply By:
|
ishh_sh
|
Reply Date:
|
1/24/2007 2:13:08 AM
|
Thanks to all of you for your support, I have found the solution.
Thanks Kailash
|
|
Reply By:
|
Imar
|
Reply Date:
|
1/24/2007 2:38:50 AM
|
Would you mind sharing *how* you fixed the problem? I am sure other readers of this forum are interested in that as well.
Imar
|