News and Views
Friday, August 08, 2008 12:02:55 PM
Be on the watch for new SQL injection attempts, coming from China, that use an ASCII-encoded binary string. Essentially, the attack finds a vulnerable database and appends a string to the fields in every table. The string is a closing </title> tag with a script, followed by a comment to hide the rest of the page:
I put something like this in my application.cfm file to reroute the attackers temporarily:
<cfif FindNoCase('user>0',cgi.query_string) OR findNoCase('declare',cgi.query_string)
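An added example, not code from the original post: a Python scan of web access logs for the same two substrings the filter above checks, percent-decoding the query string first because a match on the raw string misses `user%3E0`. The log format, the sample lines and the long-hex-literal heuristic are assumptions made for the illustration.

```python
import re
from urllib.parse import unquote_plus

# The two substrings the post's <cfif> looks for in cgi.query_string.
PAGE_TOKENS = ("user>0", "declare")
# Assumption, not from the post: the encoded string shows up as a long hex literal.
HEX_BLOB = re.compile(r"0x[0-9a-f]{32,}")
REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+"')

def normalize(query, max_rounds=3):
    """Percent-decode until stable (bounded), lowercase, drop whitespace."""
    for _ in range(max_rounds):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    return re.sub(r"\s+", "", query.lower())

def classify(query):
    """Return the reasons a query string resembles the attempts described."""
    text = normalize(query)
    reasons = [f"token:{t}" for t in PAGE_TOKENS if t in text]
    if HEX_BLOB.search(text):
        reasons.append("long-hex-literal")
    return reasons

def scan(log_lines):
    """Return (client, path, reasons) for every flagged access-log line."""
    hits = []
    for line in log_lines:
        m = REQUEST.match(line)
        path, _, query = m.group(2).partition("?") if m else ("", "", "")
        reasons = classify(query)
        if reasons:
            hits.append((m.group(1), path, reasons))
    return hits

# Constructed sample lines (documentation IP ranges), not captured traffic.
STAMP = '- - [08/Aug/2008:12:00:00 +0000]'
SAMPLE_LOG = [
    f'192.0.2.10 {STAMP} "GET /news.cfm?id=42 HTTP/1.1" 200 5120',
    f'198.51.100.7 {STAMP} "GET /news.cfm?id=42%20and%20user%3E0 HTTP/1.1" 500 310',
    f'198.51.100.7 {STAMP} "GET /news.cfm?id=42%253Bd%2565clare%2520@s HTTP/1.1" 500 310',
    f'203.0.113.5 {STAMP} "GET /news.cfm?id=42&v=0x{"41" * 20} HTTP/1.1" 500 310',
    f'192.0.2.44 {STAMP} "GET /search.cfm?q=declare+independence HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The last sample line shows the cost of a bare keyword match: a harmless search for "declare independence" is flagged as well, so hits need review before any blocking decision.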