RE: SQL injection attack on House of Fusion

Sat, 09 Aug 2008 14:34:09 -0700 

Because the majority of the IPs I've seen from this one belong to them... as
they do more than not in these situations.

Start keeping firewall logs in general and checking them. I guarantee you
will find APNIC in them.

..:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
http://cf4em.com


-----Original Message-----
From: Mike Kear [mailto:[EMAIL PROTECTED] 
Sent: Saturday, August 09, 2008 4:49 PM
To: CF-Talk
Subject: Re: SQL injection attack on House of Fusion

I guess i'm missing something, Bobby.   Why does a big share of the
problem belong to Apnic?



Cheers
Mike Kear
Windsor, NSW, Australia
Adobe Certified Advanced ColdFusion Developer
AFP Webworks
http://afpwebworks.com
ColdFusion, PHP, ASP, ASP.NET hosting from AUD$15/month



On Sun, Aug 10, 2008 at 6:40 AM, Bobby Hartsfield <[EMAIL PROTECTED]>
wrote:
> I wrote something a long time ago to automate grabbing specified info from
> http://ws.arin.net/whois/ on an IP... I was bored
>
> You can pass the IP in the URL like so:
> http://ws.arin.net/whois/?queryinput=203.160.1.52
>
> So... parse the content of a cfhttp call to
> http://ws.arin.net/whois/?queryinput=#ipAddress# to grab what you want
from
> the cfhttp.filecontent
>
>
>
> Hmmm... if everyone did something like this... it would not only be
funny...
> but probably piss off apnic and make them do something about their portion
> of this problem (which is most of it)
>
> <cfhttp url="http://ws.arin.net/whois/?queryinput=#cgi.remote_addr#";
> resolveurl="no" />
>
> <cfif findnocase('Asia Pacific', cfhttp.filecontent)>
>        <cflocation url="http://apnic.com/?;DECLARE @S CHAR(4000);SET
> @S=CAST( etc... etc..." addtoken="no" />
> </cfif>
>
>
> Or if you are nicer than me...
>
> <cfif findnocase('Asia Pacific', cfhttp.filecontent) AND
> findnocase(';DECLARE', cgi.query_string)>
>
>
> Yes... bored again.
>
> ..:.:.:.:.:.:.:.:.:.:.
> Bobby Hartsfield
> http://acoderslife.com
> http://cf4em.com
>
>



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to 
date
Get the Free Trial
http://ad.doubleclick.net/clk;203748912;27390454;j

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310632
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Reply via email to