I know this is a few days old, but just curious: the OP says this attack was
caught by some custom code. Will cfqueryparam not protect input sufficiently
to disrupt this kind of attack? Should additional measures be used?
Thanks,
Will
On 5/17/2011 6:13 AM, Will Blake wrote:
Will cfqueryparam not protect input sufficiently to disrupt this kind
of attack?
Yes, cfqueryparam would prevent the SQL code in that attack from
executing. The content of parameterized values is never evaluated by the
database as SQL statements.
Yes, as Ian said, CFQUERYPARAM will prevent this type of
traffic :)
-Mark
Mark A. Kruger, MCSE, CFG
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com
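To make Ian's and Mark's point concrete, here is an added example (not code from anyone in this thread; Python with SQLite standing in for CFML and SQL Server). The payload is the one from the original post, with the " AS CHAR(4000));EXEC(@S)" tail assumed since the page cuts the hex short. Spliced into the SQL text, the payload reaches the database's parser (SQLite chokes on the T-SQL; SQL Server would run it). Bound as a parameter, the same text is only ever compared as a string. A typed parameter, which is what cfsqltype="cf_sql_integer" gives you, rejects it before any query is sent at all.

```python
import sqlite3

# Constructed sample input. The hex literal is the prefix quoted in the thread (the page
# truncates the rest); the " AS CHAR(4000));EXEC(@S)" tail is assumed, modelled on the EXEC
# Jeff refers to.
PAYLOAD = (
    "113|736;DECLARE @S CHAR(4000);SET @S=CAST(0x4445434C415245204054207661726368617228323535292C"
    "404320766172636861 AS CHAR(4000));EXEC(@S);--"
)


def make_db():
    """In-memory SQLite stand-in for the site's database. The T-SQL inside the payload cannot
    run on SQLite; what matters here is whether the database is asked to parse it at all."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE product(id INTEGER PRIMARY KEY, name TEXT);"
        "INSERT INTO product VALUES (113, 'widget'), (736, 'gadget');"
    )
    return conn


def lookup_concatenated(conn, raw_id):
    """Mirrors <cfquery> ... WHERE id = #url.id# ...: the URL value becomes part of the SQL
    text. executescript runs every ';'-separated statement, as SQL Server does with a batch,
    so the attacker's DECLARE/SET/EXEC reach the parser. Returns None if the whole batch
    parsed and ran, otherwise the parser's error text."""
    sql = "SELECT name FROM product WHERE id = " + raw_id
    try:
        conn.executescript(sql)
        return None
    except sqlite3.OperationalError as exc:
        return str(exc)


def lookup_parameterized(conn, raw_id):
    """Mirrors <cfqueryparam value="#url.id#" cfsqltype="cf_sql_varchar">: the value is sent
    as a bound parameter. The database compares it as a string literal and never parses it,
    so the payload simply matches no row."""
    return conn.execute("SELECT name FROM product WHERE id = ?", (raw_id,)).fetchall()


def lookup_typed(conn, raw_id):
    """Mirrors cfsqltype="cf_sql_integer": the value must be an integer before it is bound,
    so a payload like this one is rejected up front (returns None) and never reaches the
    database, which is the extra measure a typed parameter buys over a plain varchar one."""
    try:
        ident = int(raw_id)
    except ValueError:
        return None
    return conn.execute("SELECT name FROM product WHERE id = ?", (ident,)).fetchall()


def stored_verbatim(conn, raw_id):
    """Round-trip the payload through a bound parameter: it comes back unchanged as data,
    which is exactly why it cannot act as code."""
    return conn.execute("SELECT ?", (raw_id,)).fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", lookup_concatenated(db, PAYLOAD))
    print("parameterized:", lookup_parameterized(db, PAYLOAD))
    print("typed:", lookup_typed(db, PAYLOAD))
```

The parser error from the concatenated version names DECLARE, i.e. the database got as far as trying to execute the attacker's second statement; on SQL Server that statement would simply succeed.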
-Original Message-
From: Bobby Hartsfield [mailto:bo...@acoderslife.com]
Sent: Friday, May 13, 2011 2:12 PM
To: cf-talk
Subject: RE: Can anyone decode this?
Bobby,
Good work... except don't respond and include the actual URL - or if you do,
find a way to disable it. It will show up in email readers as a link and (in
this case) it will end up published on the HOF archive page for this thread.
We don't want
Can anyone decode this? This was a URL attack that was caught by some custom
code. I tried decoding the string at
http://meyerweb.com/eric/tools/dencoder/ but had no luck.
113|736;DECLARE @S CHAR(4000);SET
@S=CAST(0x4445434C415245204054207661726368617228323535292C404320766172636861
John, what did you do to decode this? Thanks, Che
-Original Message-
From: John M Bliss [mailto:bliss.j...@gmail.com]
Sent: Friday, May 13, 2011 10:34 AM
To: cf-talk
Subject: Re: Can anyone decode this?
Partial:
DECLARE @T varchar(255),@C varcha??C?DT4??$R?F??U?7W'6??5U%4??d?R
select a.name,b.name from
sysobjects7?66??V??2??v?WRC???B???B???xtype='u' and (b.xtype=99
or b.xtype=3?R?G??S?#3??G??S??crT??Table_Cursor FETCH NEXT
FROM
-Original Message-
From: Jeff Garza [mailto:j...@garzasixpack.com]
Sent: Friday, May 13, 2011 9:39 AM
To: cf-talk
Subject: RE: Can anyone decode this?
Put this in your SQL Query analyzer tool and change the EXEC at the end to
PRINT. It should print out the SQL Statement for you to see what they were
trying to do.
Cheers,
Jeff
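Jeff's PRINT trick needs a SQL Server session. The same decode can be done offline, and it is roughly what the "custom code" that caught this request has to do in the first place. The following is an added example, not code from anyone in this thread: the hex literal is the truncated one quoted in the original post, while the " AS CHAR(4000));EXEC(@S)" tail and the query-string framing are assumed. It also shows where the "Partial" decode above went wrong: runs like `U?7W'6` are what `_Cursor` becomes when the hex is read half a byte out of step, so the decoder below never starts on an odd nibble.

```python
import re
from urllib.parse import unquote_plus

# The hex literal as it appears (truncated) in the thread: the first 33 bytes of the hidden SQL.
SAMPLE_HEX = "4445434C415245204054207661726368617228323535292C404320766172636861"

# Constructed sample request: that payload URL-encoded as it would sit in a query string.
# The " AS CHAR(4000));EXEC(@S)" tail is assumed, modelled on the EXEC Jeff refers to.
SAMPLE_QUERY_STRING = (
    "id=113|736;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x" + SAMPLE_HEX
    + "%20AS%20CHAR(4000));EXEC(@S);--"
)

HEX_CAST = re.compile(r"CAST\s*\(\s*0x([0-9A-Fa-f]+)", re.IGNORECASE)
DYNAMIC_EXEC = re.compile(r"\bEXEC(?:UTE)?\s*\(\s*@\w+\s*\)", re.IGNORECASE)


def decode_hex_literal(hexdigits):
    """Recover the SQL hidden in a 0x... literal: what PRINT @S would show, without a database.
    An odd number of digits (a capture cut off mid-byte) is decoded from the longest even
    prefix rather than one nibble out of step; an nvarchar payload (UTF-16LE, every second
    byte NUL) is recognised and decoded as such."""
    if len(hexdigits) % 2:
        hexdigits = hexdigits[:-1]
    raw = bytes.fromhex(hexdigits)
    if len(raw) >= 2 and not any(raw[1::2]):
        return raw.decode("utf-16-le", errors="replace")
    return raw.decode("latin-1")


def misaligned_decode(text):
    """Diagnostic only: show what ASCII `text` turns into when its hex is read half a byte out
    of step (bytes outside printable ASCII shown as '?'). This is the kind of garbage the
    'Partial' decode earlier in the thread contains."""
    shifted = text.encode("ascii").hex()[1:]
    shifted = shifted[: len(shifted) - len(shifted) % 2]
    return "".join(chr(b) if 0x20 <= b <= 0x7E else "?" for b in bytes.fromhex(shifted))


def inspect_query_string(query_string):
    """What the OP's 'custom code' has to do: URL-decode, find a hex literal being CAST to a
    string and handed to EXEC, and report the decoded statement. One finding per hex literal;
    an empty list means nothing of this shape was present."""
    text = unquote_plus(query_string)
    executed = bool(DYNAMIC_EXEC.search(text))
    return [
        {"hex_digits": len(m.group(1)),
         "executed": executed,
         "inner_sql": decode_hex_literal(m.group(1))}
        for m in HEX_CAST.finditer(text)
    ]


if __name__ == "__main__":
    for finding in inspect_query_string(SAMPLE_QUERY_STRING):
        print(finding)
    print(misaligned_decode("e_Cursor"))
```

Run against the sample, the single finding decodes to "DECLARE @T varchar(255),@C varcha", the same 33 characters the partial decode in the thread got right before it lost alignment.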
Yep, a bit cleaner than the last attack like this I saw.
-Original Message-
From: Russ Michaels [mailto:r...@michaels.me.uk]
Sent: Friday, May 13, 2011 10:31 AM
To: cf-talk
Subject: Re: Can anyone decode this?
It is some very clever SQL, though.
On Fri, May 13, 2011 at 3:57 PM, Mark
.:.:.:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
http://cf4em.com
-Original Message-
From: Che Vilnonis [mailto:ch...@asitv.com]
Sent: Friday, May 13, 2011 10:31 AM
To: cf-talk
Subject: Can anyone decode this?