This may be simple minded, but you don't need to know every word they use. A
filter that elaborate would make a site practically useless. However, most
(actually all) hacks must contain a specific syntax to initiate the security
hole. For example, the URL attacks on you followed a
"...90;%20DROP%20TABLE%20IMAGES..." syntax. My script just looks for a
hardly-used-always-the-same portion of that needed syntax such as
";%20DROP%20TABLE%20" to trigger the lockout.
I've had some pretty good responses to my little script. It doesn't cover
every known hack, but then what does? It's better then just complaining
about the problem.
BTW, I'm on the lookout for more "hack syntax" that I can incorporate into
the script. I've added all the ones I know of. If you know of specific
coding that is incorporated htrough a CFM page, please email me OFF LIST so
I can see about increasing the power of my cf_antihack script.
================================
Josh - [EMAIL PROTECTED]
cf-codes - http://www.rubak.com/cf-codes.cfm
================================
>------------------------------
>
>Date: Sun, 12 Aug 2001 16:38:36 -0600
>From: "Don Vawter" <[EMAIL PROTECTED]>
>Subject: Re: Hacking CF Web Sites and Applications
>Message-ID: <01ca01c1237f$8651c890$6501a8c0@VAIO>
>
>No I didnt write a filter. IMO such an attempt is unlikely to work because
>one would have to guess in advance all the words a hacker could use and I
>am
>not that clever.
>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
