[Owasp-singapore] [security-77] viewerschoice.com.sg

Wong Onn Chee ocwong at usa.net
Tue Aug 25 21:26:08 EDT 2009


Talking about SQL injections....
Check out
http://www.networkworld.com/news/2009/082409-us-says-sql-injection-caused.html?source=NWWNLE_nlt_security_strategies_2009-08-25


  U.S. Says SQL Injection Caused Major Breaches



On 08/26/2009 09:17 AM, Aung Khant wrote:
> Good point, I missed it.
> Thanks!
>
> On Wed, Aug 26, 2009 at 7:40 AM, kianjui <kianjui at gmail.com
> <mailto:kianjui at gmail.com>> wrote:
>
>     Hi,
>
>       I think that script injection into web pages will get more and
>     more common, be it through server compromise, SQL injection or
>     other vulnerabilities. There are even automated scripts or bots
>     exploiting SQL injection in vulnerable web applications
>     (see: http://isc.sans.org/diary.html?storyid=3823). Another
>     interesting way to inject malicious code is through Flash or XSF
>     (cross-site flashing):
>     http://isc.sans.org/diary.html?storyid=7015. I am sure we will see
>     more interesting ways to inject malicious code on websites in the
>     days to come.
>
>       For prevention, besides the server-side protection mentioned, on
>     the client side, I think the "NoScript" Firefox plugin might
>     mitigate the risk to a certain extent. However, such protective
>     technologies are usually for people "in the know"; everyday users
>     will find such protective technologies a hassle!
>
>
>     On Wed, Aug 26, 2009 at 3:47 AM, Aung Khant <aungkhant at yehg.net
>     <mailto:aungkhant at yehg.net>> wrote:
>
>         I forgot to mention one cause: password-stealing trojans.
>
>         Stolen FTP passwords are sent along with the FTP URL to the
>         attacker-controlled server.
>         The server then passes them to an injector, which does:
>                  - log in to the FTP server
>                  - get the index pages in each directory
>                  - append malicious code in places (after <body>,
>         above </body>, at end of file when it finds ?> or %>)
>                  - upload the infected pages
>
>         If you analyze the FTP log for such cases, you will see a
>         continuous long list of get/upload actions only on index pages
>         within a few seconds.
>
>
>
>         --
>         Please Note: If you hit "*REPLY*", your message will be sent
>         to *everyone* on this mailing list (security-77 at meetup.com
>         <mailto:security-77 at meetup.com>)
>         This message was sent by Aung Khant (aungkhant at yehg.net
>         <mailto:aungkhant at yehg.net>) from The Singapore Security
>         Meetup Group <http://www.meetup.com/SGSecurityMG/>.
>         To learn more about Aung Khant, visit his/her member profile
>         <http://www.meetup.com/SGSecurityMG/members/8456195/>
>         To unsubscribe or to update your mailing list settings, click
>         here <http://www.meetup.com/account/comm/>
>
>         Meetup Support: support at meetup.com <mailto:support at meetup.com>
>         632 Broadway, New York, NY 10012 USA
>
>
>
>
>
>
> -- 
> Best Regards
> YGN Ethical Hacker Group
> http://yehg.net
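The FTP-log pattern Aung Khant describes above (a run of get/upload actions on index pages only, all within a few seconds) can be checked mechanically. The script below is an added example for this thread, not code from any list member; it assumes a wu-ftpd/vsftpd-style xferlog line layout, uses constructed sample lines, and the burst thresholds and the list of index-page names are arbitrary choices.

```python
import re
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta

# Constructed sample log, laid out like a wu-ftpd/vsftpd xferlog (an assumption about
# the format; every line below is invented for this example). Fields used here:
#   timestamp, transfer seconds, remote host, bytes, path, type, flag, direction
# direction "o" = outgoing (client got the file), "i" = incoming (client uploaded it).
SAMPLE_LOG = """\
Wed Aug 26 03:40:01 2009 1 198.51.100.7 2134 /var/www/index.html b _ o r webuser ftp 0 * c
Wed Aug 26 03:40:01 2009 1 198.51.100.7 2190 /var/www/blog/index.php b _ o r webuser ftp 0 * c
Wed Aug 26 03:40:02 2009 1 198.51.100.7 1870 /var/www/shop/index.php b _ o r webuser ftp 0 * c
Wed Aug 26 03:40:02 2009 1 198.51.100.7 2301 /var/www/index.html b _ i r webuser ftp 0 * c
Wed Aug 26 03:40:03 2009 1 198.51.100.7 2355 /var/www/blog/index.php b _ i r webuser ftp 0 * c
Wed Aug 26 03:40:03 2009 1 198.51.100.7 2030 /var/www/shop/index.php b _ i r webuser ftp 0 * c
Wed Aug 26 09:12:44 2009 3 203.0.113.5 51200 /var/www/images/logo.png b _ i r webuser ftp 0 * c
Wed Aug 26 09:14:10 2009 1 203.0.113.5 2134 /var/www/index.html b _ i r webuser ftp 0 * c
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} \d{1,2} \d{2}:\d{2}:\d{2} \d{4}) "
    r"\d+ (?P<host>\S+) \d+ (?P<path>\S+) \S \S (?P<direction>[io]) "
)

# Index-page names a site-wide injector would touch (the list is an assumption).
INDEX_RE = re.compile(r"/(index|default)\.(html?|php|asp|aspx|jsp)$", re.IGNORECASE)

Transfer = namedtuple("Transfer", "ts host direction path")


def parse_xferlog(text):
    """Return Transfer records for every line that matches the xferlog layout."""
    transfers = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines in another layout rather than guessing
        ts = datetime.strptime(m.group("ts"), "%a %b %d %H:%M:%S %Y")
        transfers.append(Transfer(ts, m.group("host"), m.group("direction"), m.group("path")))
    return transfers


def _burst_alert(host, cluster, min_transfers):
    """Turn one cluster of closely spaced transfers into an alert if it looks like an injector run."""
    if len(cluster) < min_transfers:
        return None
    if not all(INDEX_RE.search(t.path) for t in cluster):
        return None  # ordinary site maintenance touches other files as well
    if {t.direction for t in cluster} != {"o", "i"}:
        return None  # the pattern is fetch-then-reupload, so both directions must appear
    return {
        "host": host,
        "start": cluster[0].ts,
        "duration_seconds": int((cluster[-1].ts - cluster[0].ts).total_seconds()),
        "transfers": len(cluster),
        "downloads": sum(1 for t in cluster if t.direction == "o"),
        "uploads": sum(1 for t in cluster if t.direction == "i"),
        "paths": sorted({t.path for t in cluster}),
    }


def find_injector_bursts(transfers, max_gap_seconds=5, min_transfers=4):
    """Group each client's transfers into bursts (no gap longer than max_gap_seconds)
    and flag bursts made up solely of get/upload actions on index pages."""
    by_host = defaultdict(list)
    for t in sorted(transfers):
        by_host[t.host].append(t)
    gap = timedelta(seconds=max_gap_seconds)
    alerts = []
    for host, items in by_host.items():
        cluster = [items[0]]
        for t in items[1:]:
            if t.ts - cluster[-1].ts <= gap:
                cluster.append(t)
                continue
            alert = _burst_alert(host, cluster, min_transfers)
            if alert:
                alerts.append(alert)
            cluster = [t]
        alert = _burst_alert(host, cluster, min_transfers)
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in find_injector_bursts(parse_xferlog(SAMPLE_LOG)):
        print(f"{a['host']}: {a['transfers']} index-page transfers "
              f"({a['downloads']} get, {a['uploads']} put) in {a['duration_seconds']}s: {a['paths']}")
```

Run against a real xferlog the regex may need adjusting to the server's exact field order, and the thresholds should be tuned against a baseline of legitimate deployments; the point of the check is the combination of conditions (index pages only, both directions, tight timing), since any one of them on its own is normal activity.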