abalfazl — 2009-12-13T14:49:49-05:00 — #1
The New SQL Injection Attack
December 11th, 2009
A new, extremely sophisticated SQL injection attack that may have already infected up to 300,000 Web pages has been detected. Perpetrators are using SQL injection to push a malicious iframe that is named script src=hxxp://318x.com into Web servers. (An iframe is an HTML structure that enables another HTML document to be put into an HTML page.)
What does it mean? Does it mean many web servers were vulnerable to SQL injection at the same time? How? Or is it a worm using SQL injection?
Like a worm that uses XSS in myspace?
dan_grossman — 2009-12-13T23:13:03-05:00 — #2
Generally someone finds a bug in a popular CMS (Drupal or Joomla or WordPress, etc.), then simply uses a search engine to find people running the version of that CMS with the bug (example), and can attack all their sites at once. Automating the search and the exploit is simple once a bug is found; finding exploitable bugs is the hard part.
abalfazl — 2009-12-14T00:37:42-05:00 — #3
In that particular case, do you know which CMS was the target?
dan_grossman — 2009-12-14T00:44:30-05:00 — #4
They're almost all .aspx sites, so it's probably something common to either IIS or Microsoft SQL Server.
abalfazl — 2009-12-14T13:24:11-05:00 — #5
"so it's probably something common to either IIS or Microsoft SQL Server."
With all due respect, SQL injection is a technique that is used against a database. How does it relate to IIS?
grindle20 — 2009-12-21T06:08:37-05:00 — #6
I hate SQL injection grrrr
zjanetblazp — 2009-12-27T21:11:05-05:00 — #7
Recently a DDoS attack on DNS hit Amazon and others.
It seems that it is hard to stop cybercriminals.
jamesww — 2010-01-05T16:56:59-05:00 — #8
I would like to know what I can do to prevent these SQL injections for WordPress.