SQL Injection Problem

Discussion in 'General Board' started by stevebrowne, Jun 12, 2008.

Thread Status:
Not open for further replies.
  1. stevebrowne

    stevebrowne Active Member

    Joined:
    May 2007
    Posts:
    878
    Likes Received:
    11
    I'm not sure if it's been around long, but there is a big SQL injection thing doing the rounds at the moment, which is infecting lots of database driven websites.

    It links back to a JavaScript page which tries some cross site scripting from this site: www fengnima cn

    A quick protection is to add the following two lines to your hosts file (put the dots back in!):

    127.0.0.1 www fengnima cn
    127.0.0.1 fengnima.cn

    You might want to check your database files...
     
    Last edited: Jun 12, 2008
  2. Domain Forum

    Acorn Domains Elite Member

    Joined:
    1999
    Messages:
    Many
    Likes Received:
    Lots
     
  3. DaveH United Kingdom

    DaveH Active Member

    Joined:
    Apr 2008
    Posts:
    593
    Likes Received:
    7
    I'm fully aware of this bot :( It's very clever in the way it does it.

    I've seen it inject script from many different domains, fengnima is just 1 of many I'm afraid.
     
  4. admin Spain

    admin Administrator Staff Member

    Joined:
    Jun 2004
    Posts:
    10,084
    Likes Received:
    115
  5. aZooZa

    aZooZa Well-Known Member Exclusive Member

    Joined:
    Nov 2005
    Posts:
    4,495
    Likes Received:
    92
    I've got a really persistent portscan hacker on one of my servers. So bad I've had to disable Perl. These people are a bloody pest. Somehow gets MySQL privileges. It's down to a hole in a PHP script I think. phpBB was a big culprit at one time. Anyway, it's not on my dropsystem server thank goodness.
     
  6. scooter United Kingdom

    scooter Well-Known Member

    Joined:
    Apr 2006
    Posts:
    2,022
    Likes Received:
    41
    Is this just SQL, or MySQL as well?
     
  7. DaveH United Kingdom

    DaveH Active Member

    Joined:
    Apr 2008
    Posts:
    593
    Likes Received:
    7
    The one I'm aware of creates a parameter using an @ and it uses the declare statement, so I assume it would only affect MSSQL; however, there are still loads of bots that break out of the SQL statement using an apostrophe, which would affect MySQL and other databases.
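
One way to act on the "check your database" advice from the first post, as an added example that is not part of the thread: a Python scan of every column of every table for script tags that load from hosts you do not run. It uses an in-memory SQLite database with constructed rows as a stand-in for the site's real database; the table names and the hosts `injected.example` and `www.myshop.example` are made-up placeholders.

```python
import re
import sqlite3
from urllib.parse import urlparse

# Captures the src URL of a script tag, quoted or unquoted, any letter case.
SCRIPT_SRC = re.compile(r"<script\b[^>]*?\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.IGNORECASE)

def external_script_hosts(text, own_hosts):
    """Return hosts referenced by script tags in text that are not in own_hosts."""
    hosts = []
    for url in SCRIPT_SRC.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if host and host not in own_hosts:  # relative URLs have no host: skipped
            hosts.append(host)
    return hosts

def scan_database(conn, own_hosts):
    """Return (table, column, rowid, host) for every stored external script tag."""
    hits = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
    for table in tables:
        # Identifiers come from the schema catalogue and are quoted; values are bound.
        columns = [r[1] for r in conn.execute(f'PRAGMA table_info("{table}")')]
        for column in columns:
            query = f'SELECT rowid, "{column}" FROM "{table}" WHERE "{column}" LIKE ?'
            for rowid, value in conn.execute(query, ("%<script%",)):
                for host in external_script_hosts(str(value), own_hosts):
                    hits.append((table, column, rowid, host))
    return hits

def build_sample():
    """Constructed sample data: two tampered rows, one legitimate local script."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, description TEXT)")
    conn.executemany("INSERT INTO products (name, description) VALUES (?, ?)", [
        ("Widget", "A plain widget."),
        ("Gadget", "Nice gadget<script src=http://injected.example/m.js></script>"),
        ("Gizmo", '<script src="/js/zoom.js"></script>Zoomable gizmo'),
    ])
    conn.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    conn.execute("INSERT INTO pages (title) VALUES (?)",
                 ('News<SCRIPT SRC="http://injected.example/m.js"></SCRIPT>',))
    return conn

if __name__ == "__main__":
    for hit in scan_database(build_sample(), {"www.myshop.example"}):
        print("external script in %s.%s rowid=%d host=%s" % hit)
```

Grouping the hits by host shows every injected domain at once, which matters because, as DaveH notes, the bot uses many domains and a hosts-file entry only covers the one you already know about.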
     