Mass SQL Injection Attack Hits Sites Running IIS
Trailrunner7 writes "There's a large-scale attack underway that is targeting Web servers running Microsoft's IIS software, injecting the sites with a specific malicious script. The attack has compromised tens of thousands of sites already, experts say, and there's no clear indication of who's behind the campaign right now. The attack, which researchers first noticed earlier this week, already has affected a few high-profile sites, including those belonging to The Wall Street Journal and The Jerusalem Post. Some analyses of the IIS attack suggest that it is directed at a third-party ad management script found on these sites."
Wrong tag (Score:1, Interesting)
Re:Poor programming practices, NOT IIS or SQL at fa (Score:4, Interesting)
What is wrong with using regular parameterized queries instead of SPs?
Re:I suspect.... (Score:2, Interesting)
1. The payload is IIS/MSSQL specific. The author WANTS that platform.
2. The method of injection normally doesn't work on MySQL. jameswilkes over at http://nsmjunkie.blogspot.com/2010/06/anatomy-of-latest-mass-iisasp-infection.html stated it quite well:
Re:Wrong tag (Score:5, Interesting)