I'm wondering if I can get some info. Recently the place where I work, got there website hacked.
Basically the site had lots of random pages added to it, selling random drugs(aka those little blue pills people like to buy)
Now the web host/design company are saying that there server and database wasn't compromised. Here is where I get confused:
The unauthorised content was immediately removed from the system and a full investigation process started to identify the root cause and if at all possible the source of this incident.
After detailed investigation, it would seem that a malicious visitor had uploaded pages containing key words which would assist in promoting a 3rd party site in its Google rankings.
In an effort to provide further reassurance, we performed a consistency check on the database comparing it to known good data. The results showed that no data had been tampered with or modified in any way.
Now if the server/database wasn't compromised what content was immediately removed?
They also go on to say it may off been SQL Injection - Now it is my understanding that for SQL injection to work it would be bad coding of SQL statements which would leave the database compromised?
They also list few other things like:
• Cross site scripting
• Malformed cookies
• Session hijacking
But the part that confuses me is they said they had to remove content from the site. But the site is database driven which means the content would have to be injected in to the Database some how?
Question
joemailey
Folks,
I'm wondering if I can get some info. Recently the place where I work, got there website hacked.
Basically the site had lots of random pages added to it, selling random drugs(aka those little blue pills people like to buy)
Now the web host/design company are saying that there server and database wasn't compromised. Here is where I get confused:
Now if the server/database wasn't compromised what content was immediately removed?
They also go on to say it may off been SQL Injection - Now it is my understanding that for SQL injection to work it would be bad coding of SQL statements which would leave the database compromised?
They also list few other things like:
• Cross site scripting
• Malformed cookies
• Session hijacking
But the part that confuses me is they said they had to remove content from the site. But the site is database driven which means the content would have to be injected in to the Database some how?
Does this make sense to anyone?
Link to comment
Share on other sites
5 answers to this question
Recommended Posts