Hacker Attempt on Form?

P

PinkBishop

I received a couple ad odd submissions on an online form.



Whoever submitted these entered some odd stuff in either the Name or
company field. See below.

Select * from sysobjects

'' or ''='' and Password = '' or ''=''

What do you make of this? Somebody trying to hack the site?
 
T

Thomas A. Rowe

Yes.

Do a search in your IE Address bar as:

? SQL Injection

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
 
T

Thomas A. Rowe

It does for me, in both Windows XP IE6, SP1 and Windows XP IE6, SP2

Have you change the default IE search from MSN to another search engine / site?

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
 
S

Steve Easton

On a server?? what does IE have to do with hacking a server??

--
Steve Easton
Microsoft MVP FrontPage
95isalive
This site is best viewed............
........................with a computer
 
T

Thomas A. Rowe

I think Andrew was indicating that entering "? sql injection" in his IE address bar isn't working.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
 
S

Stefan B Rusynko

Then search Google
- you probably do not have IE address bar search enabled




| ? sql injection doesn't work (using IE 6.0, Sp1).
|
|
| | > Yes.
| >
| > Do a search in your IE Address bar as:
| >
| > ? SQL Injection
| >
| > --
| > ==============================================
| > Thomas A. Rowe (Microsoft MVP - FrontPage)
| > WEBMASTER Resources(tm)
| >
| > FrontPage Resources, WebCircle, MS KB Quick Links, etc.
| > ==============================================
| > To assist you in getting the best answers for FrontPage support see:
| > http://www.net-sites.com/sitebuilder/newsgroups.asp
| >
| > | > >
| > >
| > > I received a couple ad odd submissions on an online form.
| > >
| > >
| > >
| > > Whoever submitted these entered some odd stuff in either the Name or
| > > company field. See below.
| > >
| > > Select * from sysobjects
| > >
| > > '' or ''='' and Password = '' or ''=''
| > >
| > > What do you make of this? Somebody trying to hack the site?
| > >
| > >
| >
| >
|
|
 
Top