[Owasp-alabama] Re-Post of SQL Injection attacks round three

owasp-alabama at lists.owasp.org owasp-alabama at lists.owasp.org
Fri Aug 29 09:56:52 EDT 2008

Hello list,
It appears as though some list members did not receive my original post on Tuesday about the latest iteration of Mass SQL Injection attacks from the asprox botnet. (AKA fast flux SQL injection)
I am attaching the writeup for those of you that didn't get it.
Let me know if there are any questions.
Also, just out of curiosity, how many of us are using web based HR systems, and if so, what product are you using? I ask because I have seen a rising trend of poorly written web interfacing to HR systems and many companies don't test internally hosted applications.
-Brad Causey
IT Security Technology
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-alabama/attachments/20080829/9749ab32/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: BradCausey-Fast_Flux_Injection.pdf
Type: application/pdf
Size: 45759 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-alabama/attachments/20080829/9749ab32/attachment-0001.pdf 

More information about the Owasp-alabama mailing list