SQL Injection attack going on

  • http://isc.sans.edu/diary.html?storyid=12127 - does anyone have more information about it? At work the network guys are tracing the affected PCs, so I'm going to check them for SQL Express installations.

    Anyone working on this? Just google lilupophilupop and you'll find a lot of sites affected.

  • Ran across something similar last week. Not sure what you are asking here. Why would we be working on this? SQL Injection is usually due to vulnerabilities in the web AND database designs together.

    CEWII

  • There shouldn't be a need to check PCs. It's an automated attack on the web hitting vulnerable web sites running ASP or ColdFusion using SQL Server as a back-end.

    As to why we should be concerned about it... because if we have websites that are vulnerable because they don't do proper input validation, there is something we can do about it. Likely for most sites varchar is not going to be something that would be entered by a regular user (obviously, sites for coders and SQL professionals would be an exception). Therefore, it would be possible to create triggers on tables that look for this in the input and roll back the transaction, preventing the insert.

    K. Brian Kelley
    @kbriankelley
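
A sketch of the trigger approach described in the last post, added here as an example and not code posted by anyone in the thread. The table `dbo.Comments`, its columns, the trigger name and the `<script` pattern are assumptions; `varchar` and `lilupophilupop` are the strings mentioned in the posts above.

```sql
-- Hypothetical table standing in for any table that stores user-submitted text.
CREATE TABLE dbo.Comments (
    CommentId INT IDENTITY(1,1) PRIMARY KEY,
    Title     NVARCHAR(200) NOT NULL,
    Body      NVARCHAR(MAX) NOT NULL
);
GO

CREATE TRIGGER dbo.trg_Comments_BlockInjectedText
ON dbo.Comments
AFTER INSERT, UPDATE
AS
BEGIN
    SET NOCOUNT ON;

    -- "inserted" holds every row written by the statement, so multi-row
    -- INSERTs and UPDATEs are checked as a set, not one row at a time.
    -- LIKE follows the column collation; under a case-sensitive collation
    -- compare LOWER(column) instead.
    IF EXISTS (
        SELECT 1
        FROM inserted AS i
        WHERE i.Title LIKE N'%varchar%'          -- string named in the post
           OR i.Body  LIKE N'%varchar%'
           OR i.Title LIKE N'%lilupophilupop%'   -- domain named in the thread
           OR i.Body  LIKE N'%lilupophilupop%'
           OR i.Title LIKE N'%<script%'          -- assumed extra pattern
           OR i.Body  LIKE N'%<script%'
    )
    BEGIN
        -- Undo the whole statement, then surface an error to the caller.
        ROLLBACK TRANSACTION;
        RAISERROR(N'Write rejected: value matched a blocked pattern.', 16, 1);
        RETURN;
    END
END;
GO

-- Constructed sample rows: the first is accepted, the second is rolled back.
INSERT INTO dbo.Comments (Title, Body)
VALUES (N'Shipping question', N'When will my order arrive?');

INSERT INTO dbo.Comments (Title, Body)
VALUES (N'Test', N'text containing varchar(4000)');
GO
```

The trigger only covers the tables it is created on and only the patterns listed, so it works as a backstop while the input validation in the ASP or ColdFusion code is fixed. Each rejected write produces an error in the application, which makes it a useful signal to log and review.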
