The recent rash of SQL Injection - anything different?

Networking/Security Forums -> Databases

Author: manning    Location: Northern Ohio USA    Posted: Tue Jul 22, 2008 9:46 pm    Post subject: The recent rash of SQL Injection - anything different?
    ----
Hello,

I know a ton has been posted about SQL injection on these forums, but I wonder specifically if there was anything so dramatically different about the recent rash of injections?

The reason I ask is because our website developer is telling me that the site as written a year or so ago was secure against known SQL injection vulnerabilities at the time, but the recent version of attacks was able to slip past earlier efforts to secure the site. Sound reasonable or are they trying to cover their backsides?

Thanks for your opinions in advance

Author: alt.don    Posted: Wed Jul 23, 2008 1:44 am    Post subject:
    ----
I'm not aware of any new advances in SQL injection techniques. It is generally the same old issues of filtering and encoding. Hope this helps.....

Author: es0teric    Posted: Wed Jul 23, 2008 5:50 am    Post subject:
    ----
No major recent developments in SQL injection that I'm aware of. If you want a site to check to know what you're up against, try this out...

http://milw0rm.org/

It's usually updated very quickly as new exploits and techniques become available.

Author: manning    Location: Northern Ohio USA    Posted: Wed Jul 23, 2008 4:00 pm    Post subject:
    ----
Thank you for the feedback. Kind of what I suspected.

It is funny that one of the articles the web designer suggested I read in an effort to prove his case actually states that a properly coded site would not have been as vulnerable to the recent wave of attacks.

Author: Groovicus    Location: Centerville, South Dakota    Posted: Wed Jul 23, 2008 6:46 pm    Post subject:
    ----
I have sort of come late to this topic, but don't jump on your developers just yet. There was a new attack just recently, and I am totally blanking on the details, or where I found it. The harder I think about it, the less likely I will be able to remember it too.

Let me stew on it for a while. I am pretty sure it had to do with a specific application though, like Invision Power Board.

Author: manning    Location: Northern Ohio USA    Posted: Wed Jul 23, 2008 7:53 pm    Post subject:
    ----
Groovicus wrote:
I have sort of come late to this topic, but don't jump on your developers just yet. There was a new attack just recently, and I am totally blanking on the details, or where I found it. The harder I think about it, the less likely I will be able to remember it too.

Let me stew on it for a while. I am pretty sure it had to do with a specific application though, like Invision Power Board.


OK, I'll go easy on them for now.

What I have read so far suggests that the vulnerability exploited by the most recent attacks was the same as earlier SQL injection vulnerabilities, but that the statement was different.

Basically the developer knows that I'm no SQL or ASP wiz, and because of this I want to make sure they aren't trying to slither out of responsibility for any security issues that they may have overlooked.

Author: Groovicus    Location: Centerville, South Dakota    Posted: Wed Jul 23, 2008 8:40 pm    Post subject:
    ----
Found it:
http://blogs.technet.com/swi/archive/2008/05/29/sql-injection-attack.aspx
http://www.secureworks.com/research/threats/danmecasprox/
http://blogs.technet.com/neilcar/archive/2008/03/15/anatomy-of-a-sql-injection-incident-part-2-meat.aspx

I was wrong about the target, but correct in remembering that it had a specific target; in this case ASP instead of IPB. Anyway, hopefully that will help.
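
Added example, not part of any post in this thread: the "same vulnerability, different statement" point, showing why a filter tuned to previously seen statements stops protecting a concatenated query once the statement is reworded, while a parameterized query is unaffected. The table, filter patterns and inputs are constructed for illustration, and Python's sqlite3 stands in for the ASP/SQL Server stack the thread is about.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data: one unpublished row that must never be returned.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER, title TEXT, published INTEGER)")
    db.executemany("INSERT INTO articles VALUES (?, ?, ?)",
                   [(1, "Welcome", 1), (2, "Draft: pricing", 0), (3, "Contact", 1)])
    return db

# Hypothetical blacklist built from statements seen in earlier attacks.
KNOWN_BAD = re.compile(r"(--|;|\bunion\b|\bdrop\b|\bexec\b)", re.I)

def lookup_filtered(db, title):
    """'Before' pattern: blacklist check, then string concatenation."""
    if KNOWN_BAD.search(title):
        raise ValueError("rejected by filter")
    sql = ("SELECT title FROM articles WHERE published = 1 AND title = '"
           + title + "'")
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, title):
    """'After' pattern: the input is bound as data and never parsed as SQL."""
    sql = "SELECT title FROM articles WHERE published = 1 AND title = ?"
    return [row[0] for row in db.execute(sql, (title,))]

# Constructed inputs: one matches the blacklist, one is merely worded differently.
KNOWN_STATEMENT = "x' UNION SELECT title FROM articles --"
REWORDED_STATEMENT = "x' OR published = 0 OR 'a'='b"

if __name__ == "__main__":
    db = make_db()
    try:
        lookup_filtered(db, KNOWN_STATEMENT)
    except ValueError as err:
        print("known statement:", err)
    # The reworded input passes the filter and changes the query's logic.
    print("filtered, reworded:", lookup_filtered(db, REWORDED_STATEMENT))
    # The same input against the parameterized query is only a title to match.
    print("parameterized, reworded:", lookup_parameterized(db, REWORDED_STATEMENT))
```

The flaw in `lookup_filtered` is the concatenation, not a gap in the pattern list, so adding more patterns only postpones the next reworded statement.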



All times are GMT + 2 Hours
