--- Don O'Neil <don@xxxxxxxxxxxxxx> wrote: > A customer of mine recently had their web site > hacked and the index file > defaced by Milli-Harekat... > > http://www.zone-h.org/en/search/what=Milli-Harekat.Org/ > > Does anyone know the exploit used for this and where > to find out about > fixing it? I have a feeling it's a brute force > attack of some sort, but I > can't find anything. > A look at the zone-h.org/en/filters links for milli-harekat.org gives a large list of sites they have defaced. a google search will also give a list of sites defaced. they all seem to be sql injection attacks, which is bad site scripting. Have your script sanitise all user supplied data to stop sql injections from working. The best way, rebuild the scripts with an abstraction layer between the actual db calls and the served documents, make sure what comes from the served documents is not executed as queries, but is inserted as data, then you can see where the actual attack comes from and charge that person for their illegal activities. Jaqui Jeff Henager: "If the average user can put a CD in and boot the system and follow the prompts, he can install and use Linux. If he can't do that simple task, he doesn't need to be around technology." __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|