Wrox Programmer Forums
Classic ASP Professional: For advanced coder questions in ASP 3. NOT for ASP.NET 1.0, 1.1, or 2.0.

You are currently viewing the Classic ASP Professional section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
January 23rd, 2007, 01:40 AM
Registered User
Site Hacked!!! (Please help)

Hi All,

My site has been hacked, and in place of the product name throughout the site it shows "axelwashere". Does anyone have an idea how to prevent the same from happening again? I backed up the database a week ago, when it happened for the first time.
It is a critical time for me and I need immediate help from you guys.

Thank you for your help...

Thanks
Kailash
 
January 23rd, 2007, 02:20 AM
Friend of Wrox

However helpful or not, here are my thoughts:

axelwashere will be his/her tag. You need to talk to your host and find out why their security allowed this. If this is the second time I would change hosts. Remember:

> you get what you pay for in a host
> no web server is safe, some hackers are very good
> have a back up of your site yourself and go with a host that has a 'rotational tape of site back up routine'

Wind is your friend
Matt
 
January 23rd, 2007, 02:37 AM
Registered User

Hi Matt,
Thanks for your reply.
Last time I backed up the database myself.

Host is asking us for the hacked table names and also the script references which modify the hacked tables. Host is also asking when the site last worked properly.

You can check it yourself in https://connectione.biz/subcatalog_l...ID=105&pid=104

I think that the site has some hole where the database connection is made. The intruder took advantage of the connection and was successfully able to execute a bulk productname change query.

Can you assist me with some points where I should look to correct the flaw?

Thank you very much..
Kailash
 
January 23rd, 2007, 02:39 AM
Wrox Author

In addition to that, you may want to check your site for SQL injection vulnerabilities. Search Google for sql injection to get an idea of what it is and how to prevent it:

http://www.google.com/search?hl=en&q=sql+injection

Imar
---------------------------------------
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Everyone is unique, except for me.
Author of ASP.NET 2.0 Instant Results and Beginning Dreamweaver MX / MX 2004
Want to be my colleague? Then check out this post.
 
January 23rd, 2007, 06:18 AM
Registered User

Hi Imar and Matt!
Thank you for your support!

I have tried myself and found out that it is related to SQL injection. Now I will try to stop the SQL injection into my site.

Please suggest if you have any effective suggestions.

Thank you
Kailash
 
January 23rd, 2007, 08:17 AM
Registered User

Hi All,

As I am proceeding to implement the solution of SQL injection, I am facing an issue. I want to trap all the user requests using global.asa or anything else for the SQL injection and allow only valid URL requests without SQL injections.

Can anyone please assist me with how to write a utility like an event handler to perform the above operation?

Thank you in Advance..
Kailash
 
January 23rd, 2007, 09:36 AM
Wrox Author

How are you going to determine a SQL injection from a regular query? Are you looking for SQL key words or? Have you considered using Stored Procedures or Parameterized queries?

===========================================================
I will only tell you how to do it, not do it for you.
Unless, of course, you want to hire me to do work for you.
===========================================================
Read this if you want to know how to get a correct reply for your question:
http://www.catb.org/~esr/faqs/smart-questions.html
^^Took that from planoie's profile^^
^^Modified text taken from gbianchi profile^^
===========================================================
 
January 23rd, 2007, 11:39 AM
Friend of Wrox

If you have sql code and database insert capability throughout your application you may want to isolate it into a single class - this way you will only have to deal with injections at a single point in your code.
Also, you might want to learn to use parameterized queries or to use the "addnew" capability of the recordset instead of using "plain" sql statements for anything that modifies the db.

Woody Z
http://www.learntoprogramnow.com
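
The two replies above suggest parameterized queries and a single data-access class instead of filtering requests for SQL keywords. The following is an added example of that approach in Classic ASP (VBScript with ADO), not code from any poster in this thread; the table and column names (Products, ProductID, ProductName), the class name and the connection string passed to Connect are assumptions.

```vbscript
<%
Option Explicit
' Added example. Products/ProductID/ProductName and "pid" are assumed names.
Const adCmdText = 1, adParamInput = 1, adExecuteNoRecords = 128, adInteger = 3, adVarWChar = 202
Class ProductData
    Private m_conn
    Public Sub Connect(connString)
        Set m_conn = Server.CreateObject("ADODB.Connection")
        m_conn.Open connString
    End Sub

    ' Replaces the concatenated form:
    '   "... WHERE ProductID = " & Request.QueryString("pid")
    Public Function GetProduct(rawId)
        Dim cmd
        Set cmd = NewCommand("SELECT ProductID, ProductName FROM Products WHERE ProductID = ?")
        cmd.Parameters.Append cmd.CreateParameter("@id", adInteger, adParamInput, , ToId(rawId))
        Set GetProduct = cmd.Execute
    End Function

    ' Returns the number of rows changed; the WHERE clause is fixed text.
    Public Function RenameProduct(rawId, newName)
        Dim cmd, affected
        Set cmd = NewCommand("UPDATE Products SET ProductName = ? WHERE ProductID = ?")
        cmd.Parameters.Append cmd.CreateParameter("@name", adVarWChar, adParamInput, 100, Left(CStr(newName), 100))
        cmd.Parameters.Append cmd.CreateParameter("@id", adInteger, adParamInput, , ToId(rawId))
        cmd.Execute affected, , adExecuteNoRecords
        RenameProduct = affected
    End Function

    ' Values travel as typed parameters, never as part of the SQL text.
    Private Function NewCommand(sql)
        Dim cmd
        Set cmd = Server.CreateObject("ADODB.Command")
        Set cmd.ActiveConnection = m_conn
        cmd.CommandType = adCmdText
        cmd.CommandText = sql
        Set NewCommand = cmd
    End Function

    ' Allow-list check: 1-9 digits only; anything else is rejected outright.
    Private Function ToId(raw)
        Dim re, s : s = CStr(raw) : Set re = New RegExp
        re.Pattern = "^[0-9]{1,9}$"
        If Not re.Test(s) Then Err.Raise vbObjectError + 1, "ProductData", "Invalid id"
        ToId = CLng(s)
    End Function
End Class
%>
```

Pages then call `GetProduct(Request.QueryString("pid"))` on one shared class, so no page builds SQL text from request data itself. Running the site's database login without UPDATE rights on tables the public pages only read limits what a missed query can change.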
 
January 24th, 2007, 03:13 AM
Registered User

Thanks to all of you for your support,
I have found the solution.

Thanks
Kailash
 
January 24th, 2007, 03:38 AM
Wrox Author

Would you mind sharing *how* you fixed the problem? I am sure other readers of this forum are interested in that as well.

Imar




