What do you all make of this? I don't think it was successful - The http return code was 403 forbidden. I've been through the database and code on our pages making sure no yay fun scripts were being called from CommieVille.
Author: Groovicus, Location: Centerville, South DakotaPosted: Thu Jun 05, 2008 3:32 pm Post subject: ---- Somebody tried to run a script to inject malicious javascript onto your database. I am guessing that it is an Asprox variant.
Author: Motiv, Location: Seattle, WAPosted: Thu Jun 05, 2008 3:40 pm Post subject: ---- How can I make sure it wasn't successful?
I read over the post on the link you provided and found none of those malicious files on the web server.
Which table in the database should I be looking at? looks like a table named cursor if I am reading right?
Author: Groovicus, Location: Centerville, South DakotaPosted: Thu Jun 05, 2008 3:51 pm Post subject: ---- If the return code was a 403 error, then the attack was not successful. Are any of your webpages showing javascript that does not belong? I do not use asp or Microsoft SQL, so I don't know all that much about it, but there are quite a few pages that discuss it in depth. Perhaps one of them has detection measures.