By spl0it
via rtraction.com
Published: Jul 22 2008 / 10:31
A new SQL injection hack seems to be out in the wild from verynx.cn. The SQL Injection hack uses a CHAR array to hide its payload which will insert some various html garbage along with a reference to a javascript file on the verynx.cn domain that will infect users when they visit your website. Luckily the domain with the offending javascript file now points to 127.0.0.1 which will help stop the spread of the virus. Unfortunately the botnet still seems to be spamming websites with the scripted attack leaving many entirely broken or loading extremely slow as each page might have hundreds of requests to the payload.
Comments
artnik replied ago:
bloid replied ago:
Having pretend conversations with people you share an office with is pretty lame...
I'm so close to blocking this again...
eabarquez replied ago:
Lol. How did you know?
bloid replied ago:
bloid sees all ;-)
spl0it replied ago:
I think perhaps he was a little irritated by your banning of my first link submission - no1 had made a comment or anything silly, simply 4 supporting colleagues had voted for the article and you blocked it for vote gaming.
ellisgl.myopenid.com replied ago:
I don't see how it's so "new". It's an injection. All data that can be manipulated should be dealt with in the first place.
zynasis replied ago:
exactly wat ellisgl.myopenid.com said.
its a plain old injection that alters something in your database. nothing new.
Voters For This Link (25)
Voters Against This Link (3)