
Attaaaaaaaaaaaaaaaaaaaaack!

  • By: Qwaider
  • On: Friday, June 13, 2008 6:40:54 PM
  • In: Thoughts
  • Viewed: 9665 times


    I woke up this morning to find that Memories Documented has been suffering under the weight of a vicious online attack. To be more precise, over 400 SQL injection attempts over the course of a few hours. (And it's still going on at this time.)

    Everything has been recorded and logged, and all the logs will be provided to the authorities.

    I'm just so happy I went through my code and decided to implement some traps to specifically fend off and record such attacks. This doesn't mean that my code was vulnerable before; in fact, all inputs are sanitized and parametrized well before they reach the database, and that has been the case from day one!

    Sorry for the inconvenience, but I have to elevate the current security state. Expect delays and service interruptions for now, but all should be fine soon.

    The attack appears to be attempting to inject some JavaScript into the text fields in my database and have it point to: http://www. adsitelo .com, http://www. advabnr .com, http://www. bigadnet .com, http://www. clsidw .com and http://www. datajto .com (links broken deliberately) [CAUTION: THESE SITES HAVE ACTIVE MALWARE ON THEM, do not approach, or be EXTREMELY CAREFUL when you do so, you have been warned!]

    You know, the definition of stupidity is, "doing the same thing over and over again and expecting different results" (Albert Einstein). What I'm seeing is exactly that. They tried, 400 times already, you "think" there might be a breakthrough at say, 401? or for 419?
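    As an added illustration (not code from this post or from Memories Documented, whose source is not shown), here is a Python sketch of the two defenses the post describes, parametrized inserts and a trap that records and rejects probe-like values, plus output encoding for the stored-script angle raised in the comments. The function names, the trap regex and the sample values are all constructed for the example.

```python
import html
import re
import sqlite3
from urllib.parse import unquote_plus

# Constructed samples, not real traffic: the kind of value the post describes
# (a script tag aimed at an outside host, pushed in through a text field).
INJECTED = ("x'; UPDATE posts SET body = body || "
            "'<script src=\"http://www.example-bad.invalid/a.js\"></script>' --")
BENIGN = "Great defense lol"

# The trap: fragments that essentially never occur in a legitimate blog
# comment but do occur in automated injection probes of this kind.
SUSPECT = re.compile(
    r"(?i)(<script\b|\bdeclare\s+@\w+|\bcast\s*\(|;\s*(update|insert|exec)\b|\bunion\s+select\b)")

def looks_like_injection(raw):
    """True if a (possibly URL-encoded) request value matches the trap."""
    return SUSPECT.search(unquote_plus(raw)) is not None

def setup_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, body TEXT)")
    db.execute("INSERT INTO posts (body) VALUES ('original post')")
    return db

def save_comment(db, text, trap_log):
    """Fend off and record: a trapped value is logged and rejected; anything
    else is bound as a parameter, so it is stored as data, never parsed as SQL."""
    if looks_like_injection(text):
        trap_log.append(text)
        return False
    db.execute("INSERT INTO posts (body) VALUES (?)", (text,))
    return True

def render(body):
    """Output encoding for display, so a stored value can never become markup
    (the stored-script concern raised in the comments)."""
    return html.escape(body)

def bodies(db):
    return [row[0] for row in db.execute("SELECT body FROM posts ORDER BY id")]

def demo():
    """Run both samples through the trap; return (stored rows, trapped values)."""
    db, log = setup_db(), []
    save_comment(db, BENIGN, log)
    save_comment(db, INJECTED, log)
    return bodies(db), log
```

Calling demo() returns the rows that reached the table and the list of values the trap recorded; the probe-like value never reaches the database.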


    Memories....

    #1 Maher (Windows Firefox Browser) said on 6/13/2008 9:18:30 PM:
    Allaaah satar!!
    Great defense lol

    Offtopic :lakers? Celtic? None?
    Good thing you have taken the necessary precautions.
    The only reason I see them doing the same attack over and over is if they are trying some sort of a DoS variant ... but this is a very ineffective way of doing it .. and 400 times is not merely enough.

    Finally, if they are trying to stick some JavaScript in your DB so that users are redirected to some other sites .. isn't that technically a variant of XSS attacks rather than just mere SQL Injection ?!

    Anyway .. 7amidlla 3a'salameh ... and take some Acamol ;-p

    LOL Maher,
    Yeah :) Allah satar
    Lakers

    Za3tar
    Over 500 as of right now.
    And you're right, it's not "just" SQL injection, but what good is SQL injection alone if it doesn't cause some additional crap?

    The good thing is that I've made a decision to parametrize and sanitize everything from day one. But still, stuff like that happens because apparently, they don't know and therefore they're "probing" and trying different combinations.
    You will be surprised how many government sites have been taken down like this!
    lool...nas fadye hadool !! good ur safe
    #5 Arima (Windows Firefox Browser) said on 6/13/2008 11:49:17 PM:
    Sorry to hear this Qwaider but I'm sure you'll be able to sort this out soon.

    Bakkouz: I have no idea what your video means .. I am not an anime fan. However, in that spirit .. here is an internet classic: http://youtube.com/watch?v=qItugh-fFgg

    #8 KJ (Windows Firefox Browser) said on 6/14/2008 10:05:22 AM:
    What to say man, you're popular!
    Too technical for your own good... I could only speak about intramuscular injections :sigh: *looks around* whoever you are, I'm not scared of you and Qwaidar obviously isn't ;)
    7amdelah 3ala salamet Memories Documented :) wow it seems somebody has their mind set on sth.

    IT question: is this a program that is designed for non-stop attacking, or is it a person in his/her full mind trying 400 times!?
    Ironically, I was just talking with a friend of mine about the SQL injection thing as he was introducing the threat and how major companies are resolving it by putting the database on commercial servers and so on. It is good that everything is alright.
    Wow, I forgot to respond here... my apologies

    Abed
    Apparently they're not really nas fadyeh. I think they've got an agenda!

    Arima
    Thanks dear, I'm still monitoring the situation and collecting all sorts of details.
    The list of IPs has all been recorded and I'm adding them to Qwaider Shield, where they will be reported to everyone as "evil".

    Bakkouz
    Thanks

    Za3tar
    Thanks

    KJ
    I don't think it's popularity that they're after, I think they're just trying to spread their own agenda. Who and how or where it doesn't matter.

    Batoul
    I'm not scared, because I would shut this site up and burn it to hell before it would harm others or hurt others.

    Wonders
    Thank you my dear sister, ishta2tellek wallah
    I think it's a network that has some good resources. After analyzing the attack, it's obvious that they have good tricks and thrive on bad programming practices. They've hit a huge number of government sites all over the world (because people don't really care about these for some reason :)), and those historically have bad programming practices.
    Anyway, it's really big (and serious); that's why it got me worried.

    Mohamed
    Going commercial doesn't do anything if your code sucks. This can easily be mitigated by sanitizing your parameters.
    Thanks