From: "Gary" on 25 Feb 2010 12:39

I have a DB on a site that is not really up anymore (a redirect because of a merger), and it seems to have been attacked.

I always use REMOTE_IP so that I have a record and am able to ban IPs of the endless form spammers; however, on this attack, the IP listed is my local IP (actually my old one, since I changed ISPs).

I was wondering how they did this and how I protect other DBs.

Some of the other injected text, into almost every field, is:

1 AND USER_NAME() =
\'; DESC users; --
1\' OR \'1\'=\'1

There is plenty more; however, they submitted the form about 12 times per second.

Any thoughts?

Gary
From: Chris on 25 Feb 2010 16:27

Gary wrote:
> I have a DB on a site that is not really up anymore (a redirect because of a
> merger), and it seems to have been attacked.
>
> I always use REMOTE_IP so that I have a record and able to ban IP's of the
> endless form spammers, however on this attack, the IP listed is my local IP
> (actually my old one since I changed ISP's).
>
> I was wondering how they did this and how do I protect on other DB's.
>
> Some of the other injected text inot almost every field is.
>
> 1 AND USER_NAME() =
>
> \'; DESC users; --
>
> 1\' OR \'1\'=\'1
>
> There is plenty more, however they submitted the form about 12 times per
> second.
>
> Any thoughts?

I guess you didn't use mysql_real_escape_string (or mysql_escape_string) in your queries.

--
Postgresql & php tutorials
http://www.designmagick.com/
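The payloads Gary quotes are classic SQL injection probes: each one is meant to close a string literal the form value is spliced into and then append attacker SQL. The following is an added example written for this thread, not code from Gary's site or from Chris; it assumes a MySQL `users` table with `id` and `user_name` columns, the connection values shown, and a PHP build with mysqlnd (for `get_result()`). It puts the string-concatenation query that the posted payloads defeat beside the prepared-statement form that neutralises them, and stores the logged address the same way.

```php
<?php
// Added example for this thread (not the original poster's code).
// Assumed: MySQL database `site`, table users(id INT, user_name VARCHAR),
// and the credentials below. Requires the mysqlnd driver for get_result().
$db = new mysqli('localhost', 'app', 'secret', 'site');
$db->set_charset('utf8mb4');

// VULNERABLE: the submitted value is pasted into the SQL text.
// With  $name = "1' OR '1'='1"  the WHERE clause becomes
//   user_name = '1' OR '1'='1
// which is true for every row. With  $name = "'; DESC users; --"  the
// query fails with a syntax error here only because mysqli::query()
// refuses multi-statements; an API that allows them would run DESC users.
function findUserVulnerable(mysqli $db, string $name): array {
    $sql = "SELECT id, user_name FROM users WHERE user_name = '$name'";
    $res = $db->query($sql);
    return $res ? $res->fetch_all(MYSQLI_ASSOC) : [];
}

// HARDENED: a prepared statement ships the SQL and the value separately,
// so quotes in the value can never change the shape of the query.
// This is stronger than mysql_real_escape_string(), which only works if
// every value is both escaped and quoted, and still does nothing for
// unquoted numeric positions such as  ... WHERE id = $id
function findUser(mysqli $db, string $name): array {
    $stmt = $db->prepare('SELECT id, user_name FROM users WHERE user_name = ?');
    $stmt->bind_param('s', $name);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Logging the sender: $_SERVER['REMOTE_ADDR'] is filled in by the web
// server from the TCP connection, so a client cannot choose it. Headers
// like X-Forwarded-For are supplied by the client and can hold any value;
// only trust them when a proxy you control sets them. Store the value
// with a bound parameter as well, since it ends up in a query too.
function logSubmission(mysqli $db, string $field, string $value): void {
    $ip = $_SERVER['REMOTE_ADDR'] ?? '';
    $stmt = $db->prepare(
        'INSERT INTO form_log (remote_addr, field, value, seen_at) VALUES (?, ?, ?, NOW())'
    );
    $stmt->bind_param('sss', $ip, $field, $value);
    $stmt->execute();
}

// The three payloads quoted in the post, exactly as a form would submit them.
$payloads = ["1' OR '1'='1", "'; DESC users; --", "1 AND USER_NAME() ="];
foreach ($payloads as $p) {
    logSubmission($db, 'user_name', $p);
    printf("%-22s vulnerable: %d row(s)   prepared: %d row(s)\n",
        $p, count(findUserVulnerable($db, $p)), count(findUser($db, $p)));
}
```

Run against a populated table, the first payload returns every row through `findUserVulnerable()` and none through `findUser()`; the other two return nothing either way, but only by luck of the driver and the query shape. Note that `USER_NAME()` is a Microsoft SQL Server function, not MySQL, so the mix of payloads and the 12-per-second rate point to an automated scanner spraying generic probes rather than someone targeting this schema.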