SQL Injection Attack from 82.45.20.100:
While perusing the application logs this morning I noticed a number of SQL Injection attempts. The site that was being attacked uses MVC with automatic Form values to object binding so the exceptions were being thrown early on in the controller when the framework was trying to bind the attack string to, for example, a boolean.
Here are some of the attack strings the system logged:
%20AND%201=1
%20AND%201=2
' AND '1'='1
' AND '1'='2
' AND 1=1/*
' AND 1=2/*
AND 1=1/*
AND 1=2/*
The source of the attack:
IP: 82.45.20.100
City: Bristol
State: England
Country: United Kingdom
ISP: Virgin Media Limited.
The attack bot wandered around the site and tried many different entry points, as you'd expect. Some of the attack points on the site identified it as an attack through the pattern being requested and stopped processing. An initial inspection of the database shows no damage.
One of the tricky things about logging SQL Injection attacks is that if you're logging them to a database then your logging process might facilitate the attack when the initial attack failed. I have 2 suggestions for this:
1. Ensure that any code you use to insert or update to the DB is appropriately parameterized and injection proof.
2. Become a SQL Injection expert and try and break your fortress with injection attempts.
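The following is an added example, not code from the original post, applying suggestion 1 to the attack log itself: it writes four of the logged strings above to a log table once by string concatenation and once with bound parameters. Python's sqlite3 with an in-memory database and the `attack_log` table are assumptions standing in for the site's real logging store.

```python
import sqlite3

# Source IP and payloads are the values quoted in the post.
SOURCE_IP = "82.45.20.100"
PAYLOADS = ["%20AND%201=1", "' AND '1'='1", "' AND 1=1/*", "AND 1=1/*"]


def open_log_db():
    """In-memory stand-in for the logging database (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE attack_log ("
               "id INTEGER PRIMARY KEY, source_ip TEXT, payload TEXT)")
    return db


def _stored_payload(db, row_id):
    row = db.execute("SELECT payload FROM attack_log WHERE id = ?",
                     (row_id,)).fetchone()
    return row[0]


def log_concatenated(db, ip, payload):
    """Anti-pattern: the logged string becomes part of the SQL text."""
    sql = ("INSERT INTO attack_log (source_ip, payload) "
           "VALUES ('%s', '%s')" % (ip, payload))
    try:
        cur = db.execute(sql)
    except sqlite3.Error:
        return None  # statement no longer parses, so the event is lost
    return _stored_payload(db, cur.lastrowid)


def log_parameterized(db, ip, payload):
    """Bound parameters: the payload is only ever treated as data."""
    cur = db.execute("INSERT INTO attack_log (source_ip, payload) "
                     "VALUES (?, ?)", (ip, payload))
    return _stored_payload(db, cur.lastrowid)


def compare(payloads=PAYLOADS):
    """Return (payload, concatenated_ok, parameterized_ok) per payload,
    where ok means the log row holds the payload byte for byte."""
    db = open_log_db()
    return [(p,
             log_concatenated(db, SOURCE_IP, p) == p,
             log_parameterized(db, SOURCE_IP, p) == p) for p in payloads]


if __name__ == "__main__":
    for payload, concat_ok, param_ok in compare():
        print(f"{payload!r:18} concatenated={concat_ok} parameterized={param_ok}")
```

Every payload containing a quote either fails to insert or is stored as something other than what was received when concatenated, while the parameterized logger records all of them verbatim.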
I'm a little bit surprised that SQL Injection attempts are still going on. I would have thought that any site worth taking over would have dealt with this by now. It's been over a decade since this became a well known security problem.