Possible SQL Injection attack...i think!!!

**The Mighty Dub** · 10-22-2009, 12:49 PM

Hi,

I just came across a piece of script that has been put into my source code throughout the site...and not by me!!!. Im using ASP pages and sql 2000 db.

Im not sure how they did it but im fearing this could get more serious and end up them hitting my db. Here is example(kind of) of the script im finding...

Code:

<script src="Http://www.domainname.com /a /a .php></script>

HELP!!!!

**Brian07002** · 10-22-2009, 02:11 PM

Not sure about what that could be, but I wouldn't count it out as an attack on your website.

**frih** · 10-22-2009, 02:39 PM

Well, it is not just your site, may be the whole server is under attack. Ask your webhost for this.

**chrishirst** · 10-22-2009, 03:02 PM

It is a cracking/infiltration attemp. Change your FTP password straight away and inform your host as it may be some other client on the server if you are on shared hosting

**alex021** · 10-22-2009, 03:39 PM

change your ftp passwords and scan your pc for viruses/spyware

**webcosmo** · 11-07-2009, 11:12 AM

I see similar thing with a unix server, php scripts; somebody was adding pron links on all pages. you should consult with your hosting company asap and check all your scripts.

**vikas1234** · 11-17-2009, 10:56 PM

are you using some scripts like wordpress .. older version of these script are pron to sql injection script

**speak66** · 11-19-2009, 03:18 PM

This does look like an SQL injection attack. If you're using an older version of WordPress, this was recently a common exploit. Here is some info about how to fix it if you're using WordPress: http://www.wpbeginner.com/news/wordp...latest-attack/