where's the salt?

Posts Tagged ‘hack’

I’ve posted the initial script from http://www0.douhunqn.cn/csrss/w.js in Part 1, but for those who either can’t or rather won’t load it themselves, here’s an outline of what it does, and the other files it loads and accesses. All scripts in this post are images (they are screenshots so they will not harm your computer in […]

While the most recent SQL injection attack attempts are targeting MSSQL servers, chances are other databases will be targeted soon. Of course it is and always has been good practice to double-check input, but maybe these attacks were the wake-up call some developers needed. Basically every programming language is vulnerable, it is up to the […]


SQL injection attacks: Part 2: Answers (6,006 views)

While the effect yesterday’s post had was unintentional (I only wanted to complain about the effect those requests have on our and our clients’ server statistics), it seems that a lot more people than I would have anticipated are affected and are looking for answers. So in this post, I am trying to provide help […]


SQL injection attacks: no end in sight? (30,691 views)

Just when I thought it would be over, there seems to be yet another massive wave of SQL injection attacks – presumably from newly infected servers. UPDATE (8-23-2008): Looking for answers? Check Part 2 UPDATE (8-25-2008): Securing your forms to prevent future attacks