My site got hacked!

bardman6 · #1 (**permalink**) 09-18-07, 15:45

Hi folks,

I have a site built in classic asp that pulls from a MSSQL db and sometime in the last week it was hacked by the notorious turkish hackers

. I restored the db, luckily, I had just backed it up.

The hosting company said that it was most likely the ' or 'x'='x hack and said that it was entirely up to me to fix the problem. I have no ideas. Any help?

Thanks in advance.

bardman6

gvee · #2 (**permalink**) 09-18-07, 17:40

Quote:

Originally Posted by bardman6

t was most likely the ' or 'x'='x hack

That is a common technique called SQL injection, there is a heap of information out there if you go Google. I would advise that you disallow the use of apostrophes, semi-colons etc in any of your input areas (textboxes and the like).

Aren't you glad you had that backup, eh!
Make sure you keep that up - frequent backups are key!

Teddy · #3 (**permalink**) 09-19-07, 11:24

Prepared statements FTW.

Internet Services

Web Development

Digital Marketing

Consumer Tech