Err...
Twelve Monkeys, I think you'll find.
The source of the mystery infection of more than 10,000 websites back in January has been uncovered. Thousands of legitimate websites were compromised at the start of the year to serve up malware. It seemed that the exploitation of SQL Injection vulnerabilities was involved in the automated attacks. The precise mechanism was …
Not true.
Injection can work by using a input value that is displayed (without sanitizing it).
Say you had a comments application, that had three inputs: Title, Author, and Comment. And say when you press submit on the entry form the input values are stored verbatim, when the comment is displayed, say the author field just has "by " added to the beginning and is sent to the browser. Now say, someone inputs a script tag as the author, the browser will, instead of displaying the author, run the script.
Stored procedures does protect you from someone replacing a password input with a SQL script select statement to get the password from the database, assuming you can get enough details of the database structure from the error messages that appear in the browser (or it is a standard structure database).
I've been scanning my sites for this..
The evidence for the malware I picked up, were malicious iframe's linked to javascripts appended to every index.html and index.php (even if the name started with something else)
grep -i -r -H -n --binary-files=without-match --colour=auto -U iframe /path/to/site/* > ~/tmp.txt && grep -i fromCharCode ~/tmp.txt > ~/results.txt
Just delete the iframe and script code to clean your code.. don't know how to prevent it though.. anyone?
"I love the way John _has_linked_ to a page all about the film, yet _still_manages_ to misspell the films title!"
I believe that you'll find that tense misalignment is a grammatical error. Try "has linked...has still managed" or "links...still manages" -- or follow Sara's example and use "has linked...while still managing".
PS - Don't mess with Sara. She's the best Vulture Central's got (and surely vastly underpaid)!
PPS - To those which hate the constant pedants' wars: I agree, but pedantry is like crack to some of us -- specifically those of us who actually cling to the horribly unlikely dream that someday humankind will create a language (or anything, for that matter) that is logically consistent and easy to use.
Hi John, it's me again ...
"With the benefit of the hacker tool used to pull off the attack this all becomes much clearer, much like it was easier for scientists to unravel a cure for the mystery pandemic that blighted mankind in the Twelve Monkies after they obtained a sample of the pure source"
No, the above is a description of an SQL injection exploit, the latter is a ludicrous plot from a movie ..
Like, why didn't they send him back before the outbreak with a very contagious antidote virus to the first virus, that way he would have innoculate the population in advance. That way, him getting amnesia for half the picture and wandering around wondering what to do, wouldn't matter.
Wait a minute, I have an idea, why don't SANS send someone back in time to get a sample of the original malware. I'm available and after a life time of overindulging in chemicals, is suffering from amnesia already, just wait a minute, who wrote that already, voodoo mannn ???