There was a problem loading the comments.

What is SQL Injection

Support Portal  »  Knowledgebase  »  Viewing Article


SQL Injection: What is it?
SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations. It is perhaps one of the most common application layer attack techniques used today. It is the type of attack that takes advantage of improper coding of your web applications that allows hacker to inject SQL commands into say a login form to allow them to gain access to the data held within your database.

Your Website is the victim of SQL injection.
Using vulnerability (which occurs within website code) an attacker /group of attackers have injected malicious scripts into your database.
These scripts refer to a different malicious site and the trojans detected are part of the malicious site that is referred to with the code on the pages.

Restoring old cleaned database will resolve the issue for time being,but if the SQL injection happens to the database before the taking backup then backup copy itself is infected & useless.In this case restoring infected database will not solve the problem.

You need to contact your Website Developer,DB admins.Take affected site/s offline, and each and every page that accepts input by way of Forms / Query strings / XML / any other form of input needs to be validated to ensure that malicious string data is not accepted.

For details on SQL injection vulnerability, share all this with your developer & DB admin:

For Safety Please ensure:
1. You have an updated anti-virus software running on your computers, and the software is set to run a FULL scan each week at the minimum.
2. You run a complete malware check on your computers periodically. We suggest using "Spybot Search & Destroy" which is a trusted freeware utility.
3. Use only trusted computers and not public computers such as at cybercafes to upload your site / access your emails accounts that contain passwords to your sites.
4. You change the password via the control panel to a complicated password as soon as possible.
5. The password should contain a mixture of UPPERCASE and lowercase alphabet, digits and symbols, and must be at least 8 characters long.
6. The password should be shared with as few people as possible.

Kindly, download the web data from the server & clean it.

Only scanning with Anti-Virus will not resolve the problem.

Ensure the following settings in the Adobe reader:
Edit ->preferences->javascript Disable

Important Note:
1. If you have granted full permission to any files / folder , please change the permission.

2. Do not grant full permissions to entire folders or even to files within your WWW/Public_html directory. Any files that need to be dynamically generated (and require write permissions for all) should typically be placed OUTSIDE the web accessible directories (i.e. : Such folders should exist outside the www/public_html directories.) These files can still be called from within your applications. You may need to alter the code of your applications suitably.

3. Your home directory does not contain any unwanted data / application & codes in your web-pages.

You are requested to take following immediate actions:
  Search your Web pages (html, asp jsp, js etc) for obfuscated malicious
  JavaScript/ IFRAME code injected by attackers. These links are embedded
in the source code of the Web page associated to an IFRAME/script tag.
  Remove the malicious contents (java scripts/IFRAMES) that are injected by the attackers
  Search for a hidden folder .sys and delete the same, if found
  Users may consider using a firefox addon "NoScript" which pre-emptively blocks malicious scripts and allows JavaScript, Java and other potentially dangerous content only from the user trusted sites..
  Scan the system with Anti-virus/Anti-spyware.

Share via

Related Articles

Self-Hosted Help Desk Software by SupportPal
© Balasai Net Pvt Ltd