Author |
Topic |
Initiaters
Starting Member
4 Posts |
Posted - 2010-01-23 : 02:21:40
|
Hello All,

In my SQL DB, some table columns are getting updated along with a <script></script> tag at the end of each value. For example, table name tbldata is having column name dataTitle containing 10 rows. After the update, each row value is updated with a <script></script> tag.

Can anybody help with how to prevent the DB from inserting data like this, and suggest how to track the user/IP by which it is updated, as it is not by any form...

Please help!!!

Thanks & regards
Mohit |
|
Kristen
Test
22859 Posts |
Posted - 2010-01-23 : 03:07:25
|
Sounds like your application (presumably web application?) is accidentally including that data in the information it sends to be saved in the database.

Either that, or you have some code somewhere that is accidentally including it.

You could use Profiler to "watch" the SQL statements arriving at the database to see if they contain "<script>" and that would enable you to pinpoint the application that is sending the data.

You can script the Stored Procedures and Triggers from your database and do a text search on that to see if you can find "<script>" - but if the intent was malicious it probably will not be there in plain text.

Maybe someone is trying to hack into your system - filling in fields on your forms with <script> tags. We get that all the time, wastes a lot of our time cleaning up / rejecting data.

And lastly maybe your system is susceptible to SQL Injection and someone has hacked into your system and messed with your data. SQL Profiler will help you detect any repeat occurrence.

If you don't find any you will need to look in Stored Procedures and Triggers to see if there is anything there which is causing the problem. |
|
|
Initiaters
Starting Member
4 Posts |
Posted - 2010-01-25 : 01:52:22
|
Hi Kristen,

Thanks for your help. I don't know about "SQL Profiler" or how to do this.

"You could use Profiler to "watch" the SQL statements arriving at the database to see if they contain "<script>" and that would enable you to pinpoint the application that is sending the data."

"Or maybe your system is susceptible to SQL Injection and someone has hacked into your system and messed with your data. SQL Profiler will help you detect any repeat occurrence."

I am thinking these two points are remaining at my end to set up... as DB is getting I have created a script via stored procedure as well as the ASP.NET script which will help me to clean up the DB. but my mean is to track and prevent the system.

Can SQL Profiler help me to track from where and when it is updating the DB, or what do I do to track the hacker if so?

Many Thanks!!!
Mohit |
|
|
Kristen
Test
22859 Posts |
Posted - 2010-01-25 : 02:11:07
|
SQL Profiler is part of the SQL client Tools (along with SQL Server Management Studio etc.). Start : Programs : MS SQL Server : and then depending on what version you are using it is probably under Performance tools.

SQL Profiler will only tell you which application the code came from - so if someone is trying to hack your system SQL Profiler will only tell you that your ASP.NET application sent the "data" to SQL Server. However, it will also tell you time, and the IIS logs will help you then diagnose who was connected at the time |
|
|
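Added example (not part of the thread): one way to do the correlation described in the post above, taking the time Profiler reports and listing the requests recorded in the IIS log around it. The log lines, field selection, IP addresses and the function names `parse_w3c` and `requests_near` are constructed for illustration; IIS W3C logs record UTC by default, so the server-local Profiler time is converted first.

```python
from datetime import datetime, timedelta
from urllib.parse import unquote_plus

# Constructed sample in IIS W3C extended log format (times are UTC).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2010-01-22 20:49:58 GET /default.aspx - 192.0.2.10 200
2010-01-22 20:51:37 GET /item.aspx id=7%3Cscript%3E 198.51.100.23 200
2010-01-22 20:51:39 POST /contact.aspx - 203.0.113.5 200
2010-01-22 21:30:00 GET /item.aspx id=7 192.0.2.10 200
"""

def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields line."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):  # skip truncated lines
                yield dict(zip(fields, values))

def requests_near(text, event_local, utc_offset_hours,
                  window_seconds=60, marker="<script"):
    """Requests within +/- window of a Profiler time given in server local time."""
    event_utc = event_local - timedelta(hours=utc_offset_hours)
    window = timedelta(seconds=window_seconds)
    hits = []
    for row in parse_w3c(text):
        when = datetime.strptime(row["date"] + " " + row["time"],
                                 "%Y-%m-%d %H:%M:%S")
        if abs(when - event_utc) <= window:
            query = unquote_plus(row.get("cs-uri-query", "-"))
            hits.append({"time_utc": when, "ip": row["c-ip"],
                         "method": row["cs-method"],
                         "uri": row["cs-uri-stem"], "query": query,
                         "has_marker": marker in query.lower()})
    return hits

if __name__ == "__main__":
    # Constructed Profiler time, server at UTC+5:30.
    for hit in requests_near(SAMPLE_LOG, datetime(2010, 1, 23, 2, 21, 40), 5.5):
        print(hit)
```

IIS does not log POST bodies, so a POST inside the window appears without its payload; the `has_marker` flag only catches values sent in the query string, which is why every request in the window is returned rather than only the flagged ones.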
GilaMonster
Master Smack Fu Yak Hacker
4507 Posts |
Posted - 2010-01-25 : 03:12:16
|
Looks like you've got a SQL injection vulnerability and people are exploiting it. There's more automated attacks going around.

Start with your favourite search engine and do some searches for SQL injection and how to prevent it.

--
Gail Shaw
SQL Server MVP |