This is a slightly modified version of a presentation I gave on an overview of a SQL Injection attack. I performed a forensics investigation on this attack as well as the desired effects on systems that browsed the site afterward. Additional information on this attack can be found on the Internet Storm Center in the following diary entries:
The 10.000 web sites infection mystery solved
SQL Injection: More of the same
If you have any questions or would like to discuss this please let me know. As always comments are welcome.