April 18, 2009. I am Ryoko of the A5 security team. This morning I received a call: a user said their website could not be accessed properly and asked whether it had been hacked. The user was very anxious about the problem with the site.
I opened the user's website and found that it really was inaccessible: the page was blank except for a single line of English. Sure enough, it had been hacked. A quick test located the problem: the user's home page had been hit by SQL injection, so normal access was no longer possible.
So what is SQL injection? In short, when some web programmers write code they do not check the validity of the data entered by users, so the application has a security flaw: an attacker can submit database query code through the input and gain access to certain data. Hackers exploit this to attack the site, and the technique is called SQL injection.
So I took out my professional tools and carried out a risk assessment of the user's website. The result was not what I expected: the site had SQL injection vulnerabilities, and hackers had already exploited them. In total the site had six injection points and dozens of XSS attack points, so it was at great security risk. The code needed security hardening immediately to keep the site safe.
Solving the problem:
By analysing the database, I confirmed that the data had been injected. First I recovered the damaged data, then I hardened the site so that it could be accessed normally again. The whole operation took only an hour. What I want to tell you here is this: administrators should learn to read IIS logs. The firewalls on the market will not raise an alarm for SQL injection. Be sure to test your site's applications in many ways so that you find the injection points yourself, and then harden the site.
Here are several ways to do that:
1. I recommend closing or removing unnecessary interactive form submission pages, because they are the route hackers use for SQL injection; closing these interactive pages can effectively prevent some XSS attacks and injection. The most effective way to prevent injection and cross-site scripting is at the code layer, by filtering out unsafe scripts and other dangerous characters.
2. Filter the code around the vulnerable injection points and filter SQL injection keywords, so that the code meets a security standard.
3. Do not leave backup files on the server, to avoid infection or the backup files themselves containing vulnerabilities and becoming entry points, for example index1.asp, index2.asp, products1.asp and so on.
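As an added example (not part of the original post), here is a small Python script that does what the advice above asks an administrator to do: read IIS W3C log lines and flag requests that look like SQL injection or XSS probes, plus hits on leftover backup pages such as index1.asp. The log lines, IP addresses, field list and regex patterns are all constructed for the example and should be tuned to your own site.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample IIS W3C extended log (not taken from the original post).
SAMPLE_LOG = """#Software: Microsoft Internet Information Services 6.0
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2009-04-18 08:12:01 GET /index.asp - 203.0.113.5 200
2009-04-18 08:12:09 GET /products.asp id=12 203.0.113.5 200
2009-04-18 08:13:44 GET /products.asp id=12%27 198.51.100.7 500
2009-04-18 08:13:52 GET /products.asp id=12+union+select+1,2,3 198.51.100.7 500
2009-04-18 08:14:10 GET /search.asp q=%3Cscript%3Ealert(1)%3C/script%3E 198.51.100.7 200
2009-04-18 08:15:00 GET /index1.asp - 198.51.100.7 200
"""

# Indicators typical of injection probes; assumed patterns, extend for your app.
SQLI_PATTERNS = [r"'", r"\bunion\b.*\bselect\b", r"--", r";\s*(drop|exec|xp_)"]
XSS_PATTERNS = [r"<\s*script", r"javascript:", r"\bon\w+\s*="]
BACKUP_FILE = re.compile(r"/\w+\d+\.asp$")  # index1.asp, products1.asp ...

def parse_log(text):
    """Yield one dict per request line, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        yield dict(zip(fields, line.split()))

def classify(entry):
    """Return the list of tags ('sqli', 'xss', 'backup-file') that apply to one entry."""
    query = unquote_plus(entry.get("cs-uri-query", "-")).lower()  # decode %27, +, etc.
    tags = []
    if any(re.search(p, query) for p in SQLI_PATTERNS):
        tags.append("sqli")
    if any(re.search(p, query) for p in XSS_PATTERNS):
        tags.append("xss")
    if BACKUP_FILE.search(entry["cs-uri-stem"]):
        tags.append("backup-file")
    return tags

def scan(text):
    """Return (client ip, page, raw query, tags) for every suspicious request."""
    hits = []
    for entry in parse_log(text):
        tags = classify(entry)
        if tags:
            hits.append((entry["c-ip"], entry["cs-uri-stem"], entry["cs-uri-query"], tags))
    return hits

if __name__ == "__main__":
    for ip, page, query, tags in scan(SAMPLE_LOG):
        print(f"{ip} {page} {query} -> {', '.join(tags)}")
```

Pattern matching on decoded query strings catches the obvious probes; it does not replace fixing the code with parameterised queries, but it shows which pages are being hit and therefore where to look for injection points first.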
Well, that's all for today. I hope everyone's security awareness keeps getting higher. You can also add me on QQ: 70065671. Webmaster Network recommends professional server maintenance: http>