where's the salt?

Posts Tagged ‘sqlinjection’

I’ve posted the initial script from http://www0.douhunqn.cn/csrss/w.js in Part 1, but for those who either can’t or rather won’t load it themselves, here’s an outline of what it does, and the other files it loads and accesses. All scripts in this post are images (they are screenshots so they will not harm your computer in […]

While the most recent SQL injection attack attempts are targeting MSSQL servers, chances are other databases will be targeted soon. Of course it is and always has been good practice to double-check input, but maybe these attacks were the wake-up call some developers needed. Basically every programming language is vulnerable, it is up to the […]

08/23
2008

SQL injection attacks: Part 2: Answers (6,130 views)

While the effect yesterday’s post had was unintentional (I only wanted to complain about the effect those requests have on our and our clients’ server statistics), it seems that a lot more people than I would have anticipated are affected and are looking for answers. So in this post, I am trying to provide help […]


search

Categories

Send this to friend