This is a slightly modified version of a presentation I gave on an overview of a SQL Injection attack. I performed a forensics investigation on this attack as well as the desired effects on systems that browsed the site afterward. Additional information on this attack can be found on the Internet Storm Center in the following diary entries:
The 10.000 web sites infection mystery solved
http://isc.sans.org/diary.html?n&storyid=4294
SQL Injection: More of the same
http://isc.sans.org/diary.html?storyid=4565
If you have any questions or would like to discuss this please let me know. As always comments are welcome.
Thursday, October 1, 2009
Subscribe to:
Post Comments (Atom)
This comment has been removed by the author.
ReplyDelete